WebKit-https.git
4 years agoMake a way to test display-list drawing
simon.fraser@apple.com [Fri, 15 Jan 2016 23:57:41 +0000 (23:57 +0000)]
Make a way to test display-list drawing
https://bugs.webkit.org/show_bug.cgi?id=152956

Reviewed by Ryosuke Niwa.
Source/WebCore:

Make it possible to toggle display-list drawing for a given compositing
layer via internals, as well as getting a textual representation of the display
list, optionally including items with platform-specific behavior.

Add one test that uses this.

Test: displaylists/layer-dispay-list.html

* platform/graphics/GraphicsLayer.h:
(WebCore::GraphicsLayer::displayListAsText):
* platform/graphics/ca/GraphicsLayerCA.cpp:
(WebCore::GraphicsLayerCA::displayListAsText):
* platform/graphics/ca/GraphicsLayerCA.h:
* platform/graphics/displaylists/DisplayList.cpp:
(WebCore::DisplayList::DisplayList::shouldDumpForFlags):
(WebCore::DisplayList::DisplayList::asText):
* platform/graphics/displaylists/DisplayList.h:
* rendering/RenderLayerBacking.cpp:
(WebCore::RenderLayerBacking::setUsesDisplayListDrawing):
(WebCore::RenderLayerBacking::displayListAsText):
* rendering/RenderLayerBacking.h:
* testing/Internals.cpp:
(WebCore::Internals::setElementUsesDisplayListDrawing):
(WebCore::Internals::displayListForElement):
* testing/Internals.h:
* testing/Internals.idl:

LayoutTests:

Enable displaylists tests on Mac and iOS.

* TestExpectations:
* displaylists/layer-dispay-list-expected.txt: Added.
* displaylists/layer-dispay-list.html: Added.
* platform/ios-simulator/TestExpectations:
* platform/mac/TestExpectations:

git-svn-id: https://svn.webkit.org/repository/webkit/trunk@195156 268f45cc-cd09-0410-ab3c-d52691b4dbfc

4 years agoFix internal Windows build
achristensen@apple.com [Fri, 15 Jan 2016 23:42:04 +0000 (23:42 +0000)]
Fix internal Windows build
https://bugs.webkit.org/show_bug.cgi?id=153142

Source/JavaScriptCore:

Reviewed by Brent Fulgham.

The internal Windows build builds JavaScriptCore from a directory that is not called JavaScriptCore.
Searching for JavaScriptCore/API/APICast.h fails because it is in SomethingElse/API/APICast.h.
Since we are including the JavaScriptCore directory, it is not necessary to have JavaScriptCore in
the forwarding headers, but removing it allows builds form directories that are not named JavaScriptCore.

* ForwardingHeaders/JavaScriptCore/APICast.h:
* ForwardingHeaders/JavaScriptCore/JSBase.h:
* ForwardingHeaders/JavaScriptCore/JSCTestRunnerUtils.h:
* ForwardingHeaders/JavaScriptCore/JSContextRef.h:
* ForwardingHeaders/JavaScriptCore/JSObjectRef.h:
* ForwardingHeaders/JavaScriptCore/JSRetainPtr.h:
* ForwardingHeaders/JavaScriptCore/JSStringRef.h:
* ForwardingHeaders/JavaScriptCore/JSStringRefCF.h:
* ForwardingHeaders/JavaScriptCore/JSValueRef.h:
* ForwardingHeaders/JavaScriptCore/JavaScript.h:
* ForwardingHeaders/JavaScriptCore/JavaScriptCore.h:
* ForwardingHeaders/JavaScriptCore/OpaqueJSString.h:
* ForwardingHeaders/JavaScriptCore/WebKitAvailability.h:

Source/WebKit2:

Unreviewed addition to Alex's JSC patch, which was reviewed by Brent Fulgham. Pass
-I${JAVASCRIPTCORE_DIR} to g-ir-scanner.

Patch by Michael Catanzaro <mcatanzaro@igalia.com> on 2016-01-15

* PlatformGTK.cmake:

git-svn-id: https://svn.webkit.org/repository/webkit/trunk@195155 268f45cc-cd09-0410-ab3c-d52691b4dbfc

4 years agoFix audio build with video disabled
commit-queue@webkit.org [Fri, 15 Jan 2016 23:34:25 +0000 (23:34 +0000)]
Fix audio build with video disabled
https://bugs.webkit.org/show_bug.cgi?id=153134

Patch by Olivier Blin <olivier.blin@softathome.com> on 2016-01-15
Reviewed by Michael Catanzaro.

Build fails when WebAudio is enabled but VIDEO disabled.

No new tests since this is a build fix only.

* platform/audio/PlatformMediaSession.cpp:
* platform/audio/PlatformMediaSession.h:
* platform/audio/PlatformMediaSessionManager.cpp:
* testing/Internals.cpp:
(WebCore::Internals::setAudioContextRestrictions):

git-svn-id: https://svn.webkit.org/repository/webkit/trunk@195154 268f45cc-cd09-0410-ab3c-d52691b4dbfc

4 years ago[GTK] Fix build of RenderThemeGtk without VIDEO by including HTMLInputElement
commit-queue@webkit.org [Fri, 15 Jan 2016 23:22:45 +0000 (23:22 +0000)]
[GTK] Fix build of RenderThemeGtk without VIDEO by including HTMLInputElement
https://bugs.webkit.org/show_bug.cgi?id=153133

Patch by Olivier Blin <olivier.blin@softathome.com> on 2016-01-15
Reviewed by Michael Catanzaro.

Build was fine with VIDEO enabled, since HTMLInputElement.h was
included by transitivity through MediaControlElements.h and
MediaControlElementTypes.h.

This seems to be broken since r194847.

No new tests since this is just a build fix.

* rendering/RenderThemeGtk.cpp:

git-svn-id: https://svn.webkit.org/repository/webkit/trunk@195153 268f45cc-cd09-0410-ab3c-d52691b4dbfc

4 years agocreateElementNS and createAttributeNS should treat undefined namespaceURI as null...
rniwa@webkit.org [Fri, 15 Jan 2016 23:06:32 +0000 (23:06 +0000)]
createElementNS and createAttributeNS should treat undefined namespaceURI as null string
https://bugs.webkit.org/show_bug.cgi?id=153119

Reviewed by Chris Dumez.

LayoutTests/imported/w3c:

Rebaseline a test now that more test cases are passing.

* web-platform-tests/dom/nodes/Document-createElementNS-expected.txt:

Source/WebCore:

Treat undefined as null in document.createElementNS and document.createAttributeNS as defined in:
https://dom.spec.whatwg.org/#document

Test: fast/dom/Document/createAttributeNS-undefined-namespace.html

* dom/Document.idl:

LayoutTests:

Add a regression test for calling createAttributeNS with undefined namespaceURI.

* fast/dom/Document/createAttributeNS-undefined-namespace-expected.txt: Added.
* fast/dom/Document/createAttributeNS-undefined-namespace.html: Added.

git-svn-id: https://svn.webkit.org/repository/webkit/trunk@195152 268f45cc-cd09-0410-ab3c-d52691b4dbfc

4 years agoRefine http/tests/contentdispositionattachmentsandbox/referer-header-stripped-with...
jiewen_tan@apple.com [Fri, 15 Jan 2016 23:03:02 +0000 (23:03 +0000)]
Refine http/tests/contentdispositionattachmentsandbox/referer-header-stripped-with-meta-referer*
https://bugs.webkit.org/show_bug.cgi?id=153140

Reviewed by Alexey Proskuryakov.

* http/tests/contentdispositionattachmentsandbox/referer-header-stripped-with-meta-referer-always.html:
* http/tests/contentdispositionattachmentsandbox/referer-header-stripped-with-meta-referer-default.html:
* http/tests/contentdispositionattachmentsandbox/referer-header-stripped-with-meta-referer-never.html:
* http/tests/contentdispositionattachmentsandbox/referer-header-stripped-with-meta-referer-no-referrer-when-downgrade.html:
* http/tests/contentdispositionattachmentsandbox/referer-header-stripped-with-meta-referer-no-referrer.html:
* http/tests/contentdispositionattachmentsandbox/referer-header-stripped-with-meta-referer-origin.html:
* http/tests/contentdispositionattachmentsandbox/referer-header-stripped-with-meta-referer-unsafe-url.html:
* http/tests/contentdispositionattachmentsandbox/referer-header-stripped.html:
* http/tests/contentdispositionattachmentsandbox/resources/referer-header-stripped.js:
(onload):
(navigation): Deleted.
The reason why the tests are not completed after calling testRunner.notifyDone() is that the original navigation()
is bound as the onload of the iframe which will dispatch two load events. Therefore, navigation() will be called
twice. Here, change the navigation() to be bound with the main frame's onload function, which will restrict it to
be called only once.

git-svn-id: https://svn.webkit.org/repository/webkit/trunk@195151 268f45cc-cd09-0410-ab3c-d52691b4dbfc

4 years ago[Cocoa] Font features are not applied to the system font
mmaxfield@apple.com [Fri, 15 Jan 2016 22:58:45 +0000 (22:58 +0000)]
[Cocoa] Font features are not applied to the system font
https://bugs.webkit.org/show_bug.cgi?id=153053

Reviewed by Dean Jackson.

Source/WebCore:

We simply need to call preparePlatformFont() on it.

Test: fast/text/system-font-features.html

* platform/graphics/cocoa/FontCacheCoreText.cpp:
(WebCore::fontWithFamily):

LayoutTests:

* fast/text/system-font-features-expected.html: Added.
* fast/text/system-font-features.html: Added.

git-svn-id: https://svn.webkit.org/repository/webkit/trunk@195150 268f45cc-cd09-0410-ab3c-d52691b4dbfc

4 years agoData detector yellow highlight location is vertically mirrored in WebKit1
timothy_horton@apple.com [Fri, 15 Jan 2016 22:29:19 +0000 (22:29 +0000)]
Data detector yellow highlight location is vertically mirrored in WebKit1
https://bugs.webkit.org/show_bug.cgi?id=152216
<rdar://problem/23848003>

Reviewed by Beth Dakin.

No new tests, because we currently have no decent mechanism for testing
where TextIndicator/Lookup/DataDetectors actually make it to the screen,
nor for synthetic force-click in WebKit1.

* editing/mac/DictionaryLookup.h:
* editing/mac/DictionaryLookup.mm:
(WebCore::showPopupOrCreateAnimationController):
(WebCore::DictionaryLookup::showPopup):
(WebCore::DictionaryLookup::animationControllerForPopup):
Add an optional function for converting between root-FrameView and
handed-in-NSView coordinates, and use it to convert textBoundingRectInRootViewCoordinates
into the coordinates of the WebView.

* WebView/WebImmediateActionController.mm:
(-[WebImmediateActionController _animationControllerForDataDetectedText]):
(-[WebImmediateActionController _animationControllerForDataDetectedLink]):
These assignments have no effect because they're operating on a copy, because
TextIndicator::data() does not return a reference... so remove them.

* WebView/WebView.mm:
(-[WebView _setTextIndicator:withLifetime:]):
Convert textBoundingRectInRootViewCoordinates to WebView coordinates before
converting to Window coordinates from WebView coordinates so we get flipping right.

(-[WebView _animationControllerForDictionaryLookupPopupInfo:]):
(-[WebView _showDictionaryLookupPopup:]):
Ditto for these, except in the aforementioned conversion callback.

git-svn-id: https://svn.webkit.org/repository/webkit/trunk@195149 268f45cc-cd09-0410-ab3c-d52691b4dbfc

4 years agoMedia Query (-webkit-video-playable-inline) is failing as an invalid media query...
commit-queue@webkit.org [Fri, 15 Jan 2016 22:28:03 +0000 (22:28 +0000)]
Media Query (-webkit-video-playable-inline) is failing as an invalid media query expression
https://bugs.webkit.org/show_bug.cgi?id=153111

Patch by Joseph Pecoraro <pecoraro@apple.com> on 2016-01-15
Reviewed by Dean Jackson.

Source/WebCore:

Test: fast/media/video-playable-inline-media-query.html

* css/MediaQueryEvaluator.cpp:
(WebCore::video_playable_inlineMediaFeatureEval):
(WebCore::isRunningOnIPhoneOrIPod): Deleted.
Make the media query work regardless of the platform.
It should just check the web view's settings.

* css/MediaQueryExp.cpp:
(WebCore::featureWithoutValue):
This media query expects no value, include it in the list
so it is not treated as invalid.

LayoutTests:

* fast/media/video-playable-inline-media-query-expected.txt: Added.
* fast/media/video-playable-inline-media-query.html: Added.
* platform/ios-simulator/ios/fast/media/video-inline-expected.txt: Removed.
* platform/ios-simulator/ios/fast/media/video-inline.html: Removed.

git-svn-id: https://svn.webkit.org/repository/webkit/trunk@195148 268f45cc-cd09-0410-ab3c-d52691b4dbfc

4 years agoLayoutTest inspector/script-profiler/event-type-Other.html is flaky
commit-queue@webkit.org [Fri, 15 Jan 2016 22:21:41 +0000 (22:21 +0000)]
LayoutTest inspector/script-profiler/event-type-Other.html is flaky
https://bugs.webkit.org/show_bug.cgi?id=153016
<rdar://problem/24192919>

Patch by Joseph Pecoraro <pecoraro@apple.com> on 2016-01-15
Reviewed by Brian Burg.

Introduce a better way for the inspected page to signal to
the inspector page by dispatching an event with JSON data.
Use it in this test to try to eliminate flakyness.

* http/tests/inspector/resources/inspector-test.js:
(TestPage.dispatchEventToFrontend):
* http/tests/inspector/resources/protocol-test.js:
(TestPage.runTest.window.runTest):
(TestPage.dispatchEventToFrontend):
* inspector/script-profiler/event-type-Other.html:
* inspector/unit-tests/inspector-test-dispatch-event-to-frontend-expected.txt: Added.
* inspector/unit-tests/inspector-test-dispatch-event-to-frontend.html: Added.
* inspector/unit-tests/protocol-test-dispatch-event-to-frontend-expected.txt: Added.
* inspector/unit-tests/protocol-test-dispatch-event-to-frontend.html: Added.
* platform/mac/TestExpectations:

git-svn-id: https://svn.webkit.org/repository/webkit/trunk@195147 268f45cc-cd09-0410-ab3c-d52691b4dbfc

4 years agoASSERTION FAILED: canHaveChildren() || canHaveGeneratedChildren() in WebCore::RenderE...
zalan@apple.com [Fri, 15 Jan 2016 21:49:33 +0000 (21:49 +0000)]
ASSERTION FAILED: canHaveChildren() || canHaveGeneratedChildren() in WebCore::RenderElement::insertChildInternal
https://bugs.webkit.org/show_bug.cgi?id=123331

Reviewed by Darin Adler.

Do not set named flow fragment bit on the flow until after the renderer is attached. Setting/resetting it too early
could affect the attach/detach process itself (This is similar to attaching a multi column flow thread).

Source/WebCore:

Test: fast/regions/input-box-with-region-assert.html

* rendering/RenderBlockFlow.cpp:
(WebCore::RenderBlockFlow::willBeDestroyed):
(WebCore::RenderBlockFlow::createRenderNamedFlowFragmentIfNeeded):
(WebCore::RenderBlockFlow::setRenderNamedFlowFragment):

LayoutTests:

* fast/regions/input-box-with-region-assert-expected.txt: Added.
* fast/regions/input-box-with-region-assert.html: Added.

git-svn-id: https://svn.webkit.org/repository/webkit/trunk@195146 268f45cc-cd09-0410-ab3c-d52691b4dbfc

4 years ago[B3][Win64] Compile fixes.
peavo@outlook.com [Fri, 15 Jan 2016 21:43:57 +0000 (21:43 +0000)]
[B3][Win64] Compile fixes.
https://bugs.webkit.org/show_bug.cgi?id=153127

Reviewed by Alex Christensen.

MSVC have several overloads of fmod, pow, and ceil. We need to suggest to MSVC
which one we want to use.

* b3/B3LowerMacros.cpp:
* b3/B3LowerMacrosAfterOptimizations.cpp:
* b3/B3MathExtras.cpp:
(JSC::B3::powDoubleInt32):
* b3/B3ReduceStrength.cpp:

git-svn-id: https://svn.webkit.org/repository/webkit/trunk@195145 268f45cc-cd09-0410-ab3c-d52691b4dbfc

4 years agoWeb Inspector: Fix some typos in unit tests
commit-queue@webkit.org [Fri, 15 Jan 2016 21:18:28 +0000 (21:18 +0000)]
Web Inspector: Fix some typos in unit tests
https://bugs.webkit.org/show_bug.cgi?id=153141

Patch by Joseph Pecoraro <pecoraro@apple.com> on 2016-01-15
Reviewed by Brian Burg.

* inspector/unit-tests/async-test-suite-expected.txt:
* inspector/unit-tests/async-test-suite.html:
* inspector/unit-tests/sync-test-suite-expected.txt:
* inspector/unit-tests/sync-test-suite.html:
Fix some typos.

git-svn-id: https://svn.webkit.org/repository/webkit/trunk@195144 268f45cc-cd09-0410-ab3c-d52691b4dbfc

4 years agoRebaseline tables/mozilla_expected_failures/bugs/bug89315.html for ios-simulator
ryanhaddad@apple.com [Fri, 15 Jan 2016 21:11:00 +0000 (21:11 +0000)]
Rebaseline tables/mozilla_expected_failures/bugs/bug89315.html for ios-simulator
https://bugs.webkit.org/show_bug.cgi?id=152130

Unreviewed test gardening.

* platform/ios-simulator/tables/mozilla_expected_failures/bugs/bug89315-expected.txt:

git-svn-id: https://svn.webkit.org/repository/webkit/trunk@195143 268f45cc-cd09-0410-ab3c-d52691b4dbfc

4 years agoAdd kdebug_trace signposts for a few WebCore operations
simon.fraser@apple.com [Fri, 15 Jan 2016 20:57:37 +0000 (20:57 +0000)]
Add kdebug_trace signposts for a few WebCore operations
https://bugs.webkit.org/show_bug.cgi?id=153136
rdar://problem/24208487

Reviewed by Sam Weinig.
Source/WebCore:

Add trace points for style recalc, layout, view painting and layer painting.

* dom/Document.cpp:
(WebCore::Document::recalcStyle):
* page/FrameView.cpp:
(WebCore::FrameView::layout):
(WebCore::FrameView::paintContents):
* platform/graphics/ca/GraphicsLayerCA.cpp:
(WebCore::GraphicsLayerCA::platformCALayerPaintContents):

Source/WTF:

New header with the reserved WebKit component code, trace point codes, and
a stack-based helper that traces scope entry and exit.

The available range of trace point codes is arbitrarily segmented into WTF, JSC,
WebCore, WebKit and WebKit2.

* WTF.xcodeproj/project.pbxproj:
* wtf/CMakeLists.txt:
* wtf/SystemTracing.h: Added.
(WTF::TraceScope::TraceScope):
(WTF::TraceScope::~TraceScope):

Tools:

Plist used by kdebug_trace() viewing tools.

* Tracing/SystemTracePoints.plist: Added.

git-svn-id: https://svn.webkit.org/repository/webkit/trunk@195142 268f45cc-cd09-0410-ab3c-d52691b4dbfc

4 years agoSource/WebCore:
akling@apple.com [Fri, 15 Jan 2016 20:01:42 +0000 (20:01 +0000)]
Source/WebCore:
Use BumpArena for style sheet object tree.
<https://webkit.org/b/152696>

Reviewed by Antti Koivisto.

Give each StyleSheetContents its own BumpArena, and plumb it down through CSSParser
to allocate StyleRule, StyleProperties and CSSSelectorList's selector arrays there.

This basically means that most objects that make up a given style sheet will end up
in one (or a few) contiguous region(s) of memory, instead of being scattered all
over the malloc heap.

In the common case (no CSSOM manipulation), the lifetimes of these objects are very
predictable: everything tends to die when the StyleSheetContents dies.
This dramatically improves space-efficiency in those cases, and allows us to return
contiguous chunks of memory to the system once a style sheet is no longer needed.

One-off CSS parses that don't work within a StyleSheetContents context will have
their StyleRules & co allocated through FastMalloc just like before.

Bonus: give SelectorQueryCache a dedicated BumpArena as well, since it has very
predictable lifetime.

* css/CSSGrammar.y.in:
* css/CSSKeyframesRule.h:
(WebCore::StyleRuleKeyframes::create):
* css/CSSParser.cpp:
(WebCore::CSSParser::createStyleProperties):
(WebCore::CSSParser::createMediaRule):
(WebCore::CSSParser::createSupportsRule):
(WebCore::CSSParser::createKeyframesRule):
(WebCore::CSSParser::setArena):
(WebCore::CSSParser::arena):
(WebCore::CSSParser::createStyleRule):
(WebCore::CSSParser::createFontFaceRule):
(WebCore::CSSParser::createPageRule):
(WebCore::CSSParser::createRegionRule):
(WebCore::CSSParser::createViewportRule):
* css/CSSParser.h:
* css/CSSParserValues.cpp:
(WebCore::CSSParserSelector::parsePseudoElementCueFunctionSelector):
(WebCore::CSSParserSelector::adoptSelectorVector):
* css/CSSParserValues.h:
* css/CSSSelectorList.cpp:
(WebCore::CSSSelectorList::CSSSelectorList):
(WebCore::CSSSelectorList::adoptSelectorVector):
(WebCore::CSSSelectorList::deleteSelectors):
* css/CSSSelectorList.h:
* css/StyleProperties.cpp:
(WebCore::ImmutableStyleProperties::create):
(WebCore::StyleProperties::immutableCopyIfNeeded):
* css/StyleProperties.h:
* css/StyleRule.cpp:
(WebCore::StyleRule::create):
(WebCore::StyleRule::splitIntoMultipleRulesWithMaximumSelectorComponentCount):
(WebCore::StyleRuleRegion::StyleRuleRegion):
* css/StyleRule.h:
(WebCore::StyleRule::create):
(WebCore::StyleRule::parserAdoptSelectorVector):
(WebCore::StyleRuleFontFace::create):
(WebCore::StyleRulePage::create):
(WebCore::StyleRulePage::parserAdoptSelectorVector):
(WebCore::StyleRuleMedia::create):
(WebCore::StyleRuleSupports::create):
(WebCore::StyleRuleRegion::create):
(WebCore::StyleRuleViewport::create):
* css/StyleSheetContents.cpp:
(WebCore::StyleSheetContents::StyleSheetContents):
(WebCore::StyleSheetContents::parseAuthorStyleSheet):
(WebCore::StyleSheetContents::parseStringAtPosition):
* css/StyleSheetContents.h:
* dom/SelectorQuery.cpp:
(WebCore::SelectorQueryCache::SelectorQueryCache):
(WebCore::SelectorQueryCache::add):
* dom/SelectorQuery.h:
* svg/SVGFontFaceElement.cpp:
(WebCore::SVGFontFaceElement::SVGFontFaceElement):

Source/WTF:
Fragmentation-free allocator for timeless and/or coupled allocations.
<https://webkit.org/b/152696>

Reviewed by Antti Koivisto.

Introduce BumpArena, a space-efficient memory allocator for situations where
you feel pretty confident betting on allocation lifetimes.

Basic design:

    - Reserves 128MB range of memory at startup.
    - Allocates 4kB-aligned blocks of 4kB from VM at a time.
    - Bump-pointer allocates out of a block until it reaches end.
    - Each allocation increments the ref-count of its block.
    - Each deallocation decrements the ref-count of its block.
    - Transparently falls back to fastMalloc()/fastFree() when needed.

Interface:

    - BumpArena::create()

        Create your very own BumpArena!

    - BumpArena::allocate(BumpArena* arena, size_t size)

        Allocates 'size' bytes of memory from 'arena'.
        If 'arena' is null, falls back to fastMalloc().

    - BumpArena::deallocate(void* ptr)

        If 'ptr' is BumpArena allocation, decrements block ref-count.
        If 'ptr' is FastMalloc allocation, calls fastFree() on it.

    - WTF_MAKE_BUMPARENA_ALLOCATED;

        Macro that gives a class or struct custom operators new and delete
        for allocation out of BumpArena. Just like WTF_MAKE_FAST_ALLOCATED;

Note that while the name of this patch says "fragmentation-free allocator"
it will only be fragmentation-free when used for appropriate things.
This is not meant to be a general-purpose allocator. Only use it for sets of
allocations that are known to die roughly at the same time.

BumpArena will never resume allocating from a block that has been filled,
so it's even more important than usual that everything gets deallocated.

BumpArena redirects allocations to FastMalloc in three cases:

    - When invoked with a null BumpArena*
    - When allocation request is larger than BumpArena's block size (4kB)
    - When BumpArena has exhausted all of its pre-reserved VM. (128MB)

The VM allocator will eagerly return blocks of VM to the kernel by calling
madvise(). Average time spent in madvise is around 0.007ms on my box.

* WTF.vcxproj/WTF.vcxproj:
* WTF.vcxproj/WTF.vcxproj.filters:
* WTF.xcodeproj/project.pbxproj:
* wtf/BumpArena.cpp: Added.
(WTF::BumpArena::Block::capacity):
(WTF::BumpArena::Block::arena):
(WTF::BumpArena::Block::payloadStart):
(WTF::arenas):
(WTF::BumpArena::Block::Block):
(WTF::BumpArena::Block::~Block):
(WTF::BumpArena::Block::ref):
(WTF::BlockAllocator::BlockAllocator):
(WTF::BlockAllocator::isAllocation):
(WTF::blockAllocator):
(WTF::BlockAllocator::allocateBlock):
(WTF::BlockAllocator::deallocateBlock):
(WTF::BumpArena::Block::deref):
(WTF::BumpArena::Block::create):
(WTF::BumpArena::Block::dump):
(WTF::BumpArena::dump):
(WTF::BumpArena::create):
(WTF::BumpArena::BumpArena):
(WTF::BumpArena::~BumpArena):
(WTF::BumpArena::allocateSlow):
(WTF::BumpArena::allocate):
(WTF::BumpArena::deallocate):
(WTF::BumpArena::Block::blockFor):
(WTF::BumpArena::arenaFor):
* wtf/BumpArena.h: Added.
* wtf/CMakeLists.txt:

git-svn-id: https://svn.webkit.org/repository/webkit/trunk@195141 268f45cc-cd09-0410-ab3c-d52691b4dbfc

4 years agoEliminate the margin on timeline elements so multiple timelines can touch.
timothy@apple.com [Fri, 15 Jan 2016 19:55:19 +0000 (19:55 +0000)]
Eliminate the margin on timeline elements so multiple timelines can touch.

* wp-content/themes/webkit/style.css:
(.timeline):

git-svn-id: https://svn.webkit.org/repository/webkit/trunk@195140 268f45cc-cd09-0410-ab3c-d52691b4dbfc

4 years agoAir needs a Shuffle instruction
fpizlo@apple.com [Fri, 15 Jan 2016 19:41:56 +0000 (19:41 +0000)]
Air needs a Shuffle instruction
https://bugs.webkit.org/show_bug.cgi?id=152952

Reviewed by Saam Barati.

This adds an instruction called Shuffle. Shuffle allows you to simultaneously perform
multiple moves to perform arbitrary permutations over registers and memory. We call these
rotations. It also allows you to perform "shifts", like (a => b, b => c): after the shift,
c will have b's old value, b will have a's old value, and a will be unchanged. Shifts can
use immediates as their source.

Shuffle is added as a custom instruction, since it has a variable number of arguments. It
takes any number of triplets of arguments, where each triplet describes one mapping of the
shuffle. For example, to represent (a => b, b => c), we might say:

    Shuffle %a, %b, 64, %b, %c, 64

Note the "64"s, those are width arguments that describe how many bits of the register are
being moved. Each triplet is referred to as a "shuffle pair". We call it a pair because the
most relevant part of it is the pair of registers or memroy locations (i.e. %a, %b form one
of the pairs in the example). For GP arguments, the width follows ZDef semantics.

In the future, we will be able to use Shuffle for a lot of things. This patch is modest about
how to use it:

- C calling convention argument marshalling. Previously we used move instructions. But that's
  problematic since it introduces artificial interference between the argument registers and
  the inputs. Using Shuffle removes that interference. This helps a bit.

- Cold C calls. This is what really motivated me to write this patch. If we have a C call on
  a cold path, then we want it to appear to the register allocator like it doesn't clobber
  any registers. Only after register allocation should we handle the clobbering by simply
  saving all of the live volatile registers to the stack. If you imagine the saving and the
  argument marshalling, you can see how before the call, we want to have a Shuffle that does
  both of those things. This is important. If argument marshalling was separate from the
  saving, then we'd still appear to clobber argument registers. Doing them together as one
  Shuffle means that the cold call doesn't appear to even clobber the argument registers.

Unfortunately, I was wrong about cold C calls being the dominant problem with our register
allocator right now. Fixing this revealed other problems in my current tuning benchmark,
Octane/encrypt. Nonetheless, this is a small speed-up across the board, and gives us some
functionality we will need to implement other optimizations.

Relanding after fixing production build.

* CMakeLists.txt:
* JavaScriptCore.xcodeproj/project.pbxproj:
* assembler/AbstractMacroAssembler.h:
(JSC::isX86_64):
(JSC::isIOS):
(JSC::optimizeForARMv7IDIVSupported):
* assembler/MacroAssemblerX86Common.h:
(JSC::MacroAssemblerX86Common::zeroExtend32ToPtr):
(JSC::MacroAssemblerX86Common::swap32):
(JSC::MacroAssemblerX86Common::moveConditionally32):
* assembler/MacroAssemblerX86_64.h:
(JSC::MacroAssemblerX86_64::store64WithAddressOffsetPatch):
(JSC::MacroAssemblerX86_64::swap64):
(JSC::MacroAssemblerX86_64::move64ToDouble):
* assembler/X86Assembler.h:
(JSC::X86Assembler::xchgl_rr):
(JSC::X86Assembler::xchgl_rm):
(JSC::X86Assembler::xchgq_rr):
(JSC::X86Assembler::xchgq_rm):
(JSC::X86Assembler::movl_rr):
* b3/B3CCallValue.h:
* b3/B3Compilation.cpp:
(JSC::B3::Compilation::Compilation):
(JSC::B3::Compilation::~Compilation):
* b3/B3Compilation.h:
(JSC::B3::Compilation::code):
* b3/B3LowerToAir.cpp:
(JSC::B3::Air::LowerToAir::run):
(JSC::B3::Air::LowerToAir::createSelect):
(JSC::B3::Air::LowerToAir::lower):
(JSC::B3::Air::LowerToAir::marshallCCallArgument): Deleted.
* b3/B3OpaqueByproducts.h:
(JSC::B3::OpaqueByproducts::count):
* b3/B3StackmapSpecial.cpp:
(JSC::B3::StackmapSpecial::isArgValidForValue):
(JSC::B3::StackmapSpecial::isArgValidForRep):
* b3/air/AirArg.cpp:
(JSC::B3::Air::Arg::isStackMemory):
(JSC::B3::Air::Arg::isRepresentableAs):
(JSC::B3::Air::Arg::usesTmp):
(JSC::B3::Air::Arg::canRepresent):
(JSC::B3::Air::Arg::isCompatibleType):
(JSC::B3::Air::Arg::dump):
(WTF::printInternal):
* b3/air/AirArg.h:
(JSC::B3::Air::Arg::forEachType):
(JSC::B3::Air::Arg::isWarmUse):
(JSC::B3::Air::Arg::cooled):
(JSC::B3::Air::Arg::isEarlyUse):
(JSC::B3::Air::Arg::imm64):
(JSC::B3::Air::Arg::immPtr):
(JSC::B3::Air::Arg::addr):
(JSC::B3::Air::Arg::special):
(JSC::B3::Air::Arg::widthArg):
(JSC::B3::Air::Arg::operator==):
(JSC::B3::Air::Arg::isImm64):
(JSC::B3::Air::Arg::isSomeImm):
(JSC::B3::Air::Arg::isAddr):
(JSC::B3::Air::Arg::isIndex):
(JSC::B3::Air::Arg::isMemory):
(JSC::B3::Air::Arg::isRelCond):
(JSC::B3::Air::Arg::isSpecial):
(JSC::B3::Air::Arg::isWidthArg):
(JSC::B3::Air::Arg::isAlive):
(JSC::B3::Air::Arg::base):
(JSC::B3::Air::Arg::hasOffset):
(JSC::B3::Air::Arg::offset):
(JSC::B3::Air::Arg::width):
(JSC::B3::Air::Arg::isGPTmp):
(JSC::B3::Air::Arg::isGP):
(JSC::B3::Air::Arg::isFP):
(JSC::B3::Air::Arg::isType):
(JSC::B3::Air::Arg::isGPR):
(JSC::B3::Air::Arg::isValidForm):
(JSC::B3::Air::Arg::forEachTmpFast):
* b3/air/AirBasicBlock.h:
(JSC::B3::Air::BasicBlock::insts):
(JSC::B3::Air::BasicBlock::appendInst):
(JSC::B3::Air::BasicBlock::append):
* b3/air/AirCCallingConvention.cpp: Added.
(JSC::B3::Air::computeCCallingConvention):
(JSC::B3::Air::cCallResult):
(JSC::B3::Air::buildCCall):
* b3/air/AirCCallingConvention.h: Added.
* b3/air/AirCode.h:
(JSC::B3::Air::Code::proc):
* b3/air/AirCustom.cpp: Added.
(JSC::B3::Air::CCallCustom::isValidForm):
(JSC::B3::Air::CCallCustom::generate):
(JSC::B3::Air::ShuffleCustom::isValidForm):
(JSC::B3::Air::ShuffleCustom::generate):
* b3/air/AirCustom.h:
(JSC::B3::Air::PatchCustom::forEachArg):
(JSC::B3::Air::PatchCustom::generate):
(JSC::B3::Air::CCallCustom::forEachArg):
(JSC::B3::Air::CCallCustom::isValidFormStatic):
(JSC::B3::Air::CCallCustom::admitsStack):
(JSC::B3::Air::CCallCustom::hasNonArgNonControlEffects):
(JSC::B3::Air::ColdCCallCustom::forEachArg):
(JSC::B3::Air::ShuffleCustom::forEachArg):
(JSC::B3::Air::ShuffleCustom::isValidFormStatic):
(JSC::B3::Air::ShuffleCustom::admitsStack):
(JSC::B3::Air::ShuffleCustom::hasNonArgNonControlEffects):
* b3/air/AirEmitShuffle.cpp: Added.
(JSC::B3::Air::ShufflePair::dump):
(JSC::B3::Air::emitShuffle):
* b3/air/AirEmitShuffle.h: Added.
(JSC::B3::Air::ShufflePair::ShufflePair):
(JSC::B3::Air::ShufflePair::src):
(JSC::B3::Air::ShufflePair::dst):
(JSC::B3::Air::ShufflePair::width):
* b3/air/AirGenerate.cpp:
(JSC::B3::Air::prepareForGeneration):
* b3/air/AirGenerate.h:
* b3/air/AirInsertionSet.cpp:
(JSC::B3::Air::InsertionSet::insertInsts):
(JSC::B3::Air::InsertionSet::execute):
* b3/air/AirInsertionSet.h:
(JSC::B3::Air::InsertionSet::insertInst):
(JSC::B3::Air::InsertionSet::insert):
* b3/air/AirInst.h:
(JSC::B3::Air::Inst::operator bool):
(JSC::B3::Air::Inst::append):
* b3/air/AirLowerAfterRegAlloc.cpp: Added.
(JSC::B3::Air::lowerAfterRegAlloc):
* b3/air/AirLowerAfterRegAlloc.h: Added.
* b3/air/AirLowerMacros.cpp: Added.
(JSC::B3::Air::lowerMacros):
* b3/air/AirLowerMacros.h: Added.
* b3/air/AirOpcode.opcodes:
* b3/air/AirRegisterPriority.h:
(JSC::B3::Air::regsInPriorityOrder):
* b3/air/testair.cpp: Added.
(hiddenTruthBecauseNoReturnIsStupid):
(usage):
(JSC::B3::Air::compile):
(JSC::B3::Air::invoke):
(JSC::B3::Air::compileAndRun):
(JSC::B3::Air::testSimple):
(JSC::B3::Air::loadConstantImpl):
(JSC::B3::Air::loadConstant):
(JSC::B3::Air::loadDoubleConstant):
(JSC::B3::Air::testShuffleSimpleSwap):
(JSC::B3::Air::testShuffleSimpleShift):
(JSC::B3::Air::testShuffleLongShift):
(JSC::B3::Air::testShuffleLongShiftBackwards):
(JSC::B3::Air::testShuffleSimpleRotate):
(JSC::B3::Air::testShuffleSimpleBroadcast):
(JSC::B3::Air::testShuffleBroadcastAllRegs):
(JSC::B3::Air::testShuffleTreeShift):
(JSC::B3::Air::testShuffleTreeShiftBackward):
(JSC::B3::Air::testShuffleTreeShiftOtherBackward):
(JSC::B3::Air::testShuffleMultipleShifts):
(JSC::B3::Air::testShuffleRotateWithFringe):
(JSC::B3::Air::testShuffleRotateWithLongFringe):
(JSC::B3::Air::testShuffleMultipleRotates):
(JSC::B3::Air::testShuffleShiftAndRotate):
(JSC::B3::Air::testShuffleShiftAllRegs):
(JSC::B3::Air::testShuffleRotateAllRegs):
(JSC::B3::Air::testShuffleSimpleSwap64):
(JSC::B3::Air::testShuffleSimpleShift64):
(JSC::B3::Air::testShuffleSwapMixedWidth):
(JSC::B3::Air::testShuffleShiftMixedWidth):
(JSC::B3::Air::testShuffleShiftMemory):
(JSC::B3::Air::testShuffleShiftMemoryLong):
(JSC::B3::Air::testShuffleShiftMemoryAllRegs):
(JSC::B3::Air::testShuffleShiftMemoryAllRegs64):
(JSC::B3::Air::combineHiLo):
(JSC::B3::Air::testShuffleShiftMemoryAllRegsMixedWidth):
(JSC::B3::Air::testShuffleRotateMemory):
(JSC::B3::Air::testShuffleRotateMemory64):
(JSC::B3::Air::testShuffleRotateMemoryMixedWidth):
(JSC::B3::Air::testShuffleRotateMemoryAllRegs64):
(JSC::B3::Air::testShuffleRotateMemoryAllRegsMixedWidth):
(JSC::B3::Air::testShuffleSwapDouble):
(JSC::B3::Air::testShuffleShiftDouble):
(JSC::B3::Air::run):
(run):
(main):
* b3/testb3.cpp:
(JSC::B3::testCallSimple):
(JSC::B3::testCallRare):
(JSC::B3::testCallRareLive):
(JSC::B3::testCallSimplePure):
(JSC::B3::run):

git-svn-id: https://svn.webkit.org/repository/webkit/trunk@195139 268f45cc-cd09-0410-ab3c-d52691b4dbfc

4 years ago[INTL] Implement Date.prototype.toLocaleString in ECMA-402
commit-queue@webkit.org [Fri, 15 Jan 2016 19:30:45 +0000 (19:30 +0000)]
[INTL] Implement Date.prototype.toLocaleString in ECMA-402
https://bugs.webkit.org/show_bug.cgi?id=147611

Patch by Andy VanWagoner <thetalecrafter@gmail.com> on 2016-01-15
Reviewed by Benjamin Poulain.

Source/JavaScriptCore:

Expose dateProtoFuncGetTime as thisTimeValue for builtins.
Remove unused code in DateTimeFormat toDateTimeOptions, and make the
function specific to the call in initializeDateTimeFormat. Properly
throw when the options parameter is null.
Add toLocaleString in builtin JavaScript, with it's own specific branch
of toDateTimeOptions.

* CMakeLists.txt:
* DerivedSources.make:
* JavaScriptCore.xcodeproj/project.pbxproj:
* builtins/DatePrototype.js: Added.
(toLocaleString.toDateTimeOptionsAnyAll):
(toLocaleString):
* runtime/CommonIdentifiers.h:
* runtime/DatePrototype.cpp:
(JSC::DatePrototype::finishCreation):
* runtime/DatePrototype.h:
* runtime/IntlDateTimeFormat.cpp:
(JSC::toDateTimeOptionsAnyDate):
(JSC::IntlDateTimeFormat::initializeDateTimeFormat):
(JSC::toDateTimeOptions): Deleted.
* runtime/JSGlobalObject.cpp:
(JSC::JSGlobalObject::init):

LayoutTests:

* js/intl-datetimeformat-expected.txt: Added test for null options.
* js/date-toLocaleString-expected.txt: Added.
* js/date-toLocaleString.html: Added.
* js/script-tests/intl-datetimeformat.js: Added test for null options.
* js/script-tests/date-toLocaleString.js: Added.

git-svn-id: https://svn.webkit.org/repository/webkit/trunk@195138 268f45cc-cd09-0410-ab3c-d52691b4dbfc

4 years ago[mips] Implemented emitFunctionPrologue/Epilogue
commit-queue@webkit.org [Fri, 15 Jan 2016 18:53:40 +0000 (18:53 +0000)]
[mips] Implemented emitFunctionPrologue/Epilogue
https://bugs.webkit.org/show_bug.cgi?id=152947

Patch by Konstantin Tokarev <annulen@yandex.ru> on 2016-01-15
Reviewed by Michael Saboff.

* assembler/MacroAssemblerMIPS.h:
(JSC::MacroAssemblerMIPS::popPair):
(JSC::MacroAssemblerMIPS::pushPair):
* jit/AssemblyHelpers.h:
(JSC::AssemblyHelpers::emitFunctionPrologue):
(JSC::AssemblyHelpers::emitFunctionEpilogueWithEmptyFrame):
(JSC::AssemblyHelpers::emitFunctionEpilogue):

git-svn-id: https://svn.webkit.org/repository/webkit/trunk@195134 268f45cc-cd09-0410-ab3c-d52691b4dbfc

4 years agoUnreviewed, rolling out r195084.
commit-queue@webkit.org [Fri, 15 Jan 2016 17:07:50 +0000 (17:07 +0000)]
Unreviewed, rolling out r195084.
https://bugs.webkit.org/show_bug.cgi?id=153132

Broke Production build (Requested by ap on #webkit).

Reverted changeset:

"Air needs a Shuffle instruction"
https://bugs.webkit.org/show_bug.cgi?id=152952
http://trac.webkit.org/changeset/195084

git-svn-id: https://svn.webkit.org/repository/webkit/trunk@195133 268f45cc-cd09-0410-ab3c-d52691b4dbfc

4 years agoAvoid downloading the wrong image for <picture> elements.
hyatt@apple.com [Fri, 15 Jan 2016 17:06:51 +0000 (17:06 +0000)]
Avoid downloading the wrong image for <picture> elements.
https://bugs.webkit.org/show_bug.cgi?id=153027

Reviewed by Dean Jackson.

No tests, since they are always flaky.

* html/HTMLImageElement.cpp:
(WebCore::HTMLImageElement::HTMLImageElement):
(WebCore::HTMLImageElement::~HTMLImageElement):
(WebCore::HTMLImageElement::createForJSConstructor):
(WebCore::HTMLImageElement::bestFitSourceFromPictureElement):
(WebCore::HTMLImageElement::insertedInto):
(WebCore::HTMLImageElement::removedFrom):
(WebCore::HTMLImageElement::pictureElement):
(WebCore::HTMLImageElement::setPictureElement):
(WebCore::HTMLImageElement::width):
* html/HTMLImageElement.h:
(WebCore::HTMLImageElement::hasShadowControls):
* html/HTMLPictureElement.h:
* html/parser/HTMLConstructionSite.cpp:
(WebCore::HTMLConstructionSite::createHTMLElement):
* html/parser/HTMLPreloadScanner.cpp:
(WebCore::TokenPreloadScanner::StartTagScanner::processAttribute):

Images that are built underneath a <picture> element are now connected
to that picture element via a setPictureNode call from the parser. This
ensures that the correct <source> elements are examined before checking the image.

This connection between images and their picture owners is handled using a static
HashMap in HTMLImageElement. This connection is made both from the parser and from
DOM insertions, and the map is queried now instead of looking directly at the
image's parentNode().

git-svn-id: https://svn.webkit.org/repository/webkit/trunk@195132 268f45cc-cd09-0410-ab3c-d52691b4dbfc

4 years agoSwitch out from ES6 arrow function syntax to allow the test to work with an older...
antti@apple.com [Fri, 15 Jan 2016 13:23:16 +0000 (13:23 +0000)]
Switch out from ES6 arrow function syntax to allow the test to work with an older WebKit.

* fast/loader/cache-encoding.html:

git-svn-id: https://svn.webkit.org/repository/webkit/trunk@195130 268f45cc-cd09-0410-ab3c-d52691b4dbfc

4 years ago[Streams API] Expose ReadableStream and relatives to Worker
youenn.fablet@crf.canon.fr [Fri, 15 Jan 2016 09:14:36 +0000 (09:14 +0000)]
[Streams API] Expose ReadableStream and relatives to Worker
https://bugs.webkit.org/show_bug.cgi?id=152066

Reviewed by Darin Adler.

LayoutTests/imported/w3c:

Rebasing tests as Worker tests are now running.

* web-platform-tests/streams-api/byte-length-queuing-strategy-expected.txt:
* web-platform-tests/streams-api/count-queuing-strategy-expected.txt:
* web-platform-tests/streams-api/readable-streams/bad-underlying-sources-expected.txt:
* web-platform-tests/streams-api/readable-streams/bad-strategies-expected.txt:
* web-platform-tests/streams-api/readable-streams/brand-checks-expected.txt:
* web-platform-tests/streams-api/readable-streams/cancel-expected.txt:
* web-platform-tests/streams-api/readable-streams/count-queuing-strategy-integration-expected.txt:
* web-platform-tests/streams-api/readable-streams/garbage-collection-expected.txt:
* web-platform-tests/streams-api/readable-streams/general-expected.txt:
* web-platform-tests/streams-api/readable-streams/pipe-through-expected.txt:
* web-platform-tests/streams-api/readable-streams/readable-stream-reader-expected.txt:
* web-platform-tests/streams-api/readable-streams/tee-expected.txt:
* web-platform-tests/streams-api/readable-streams/templated-expected.txt:

Source/WebCore:

Covered by rebased tests.

* Modules/streams/ByteLengthQueuingStrategy.idl:
* Modules/streams/CountQueuingStrategy.idl:
* Modules/streams/ReadableStream.idl:
* Modules/streams/ReadableStreamController.idl:
* Modules/streams/ReadableStreamReader.idl:

LayoutTests:

Rebasing tests as ReadableStream is now available in workers.

* js/dom/global-constructors-attributes-dedicated-worker-expected.txt:
* platform/efl/js/dom/global-constructors-attributes-dedicated-worker-expected.txt:

git-svn-id: https://svn.webkit.org/repository/webkit/trunk@195101 268f45cc-cd09-0410-ab3c-d52691b4dbfc

4 years agoCORS: Fix the handling of redirected request containing Origin null.
youenn.fablet@crf.canon.fr [Fri, 15 Jan 2016 09:11:52 +0000 (09:11 +0000)]
CORS: Fix the handling of redirected request containing Origin null.
https://bugs.webkit.org/show_bug.cgi?id=128816

Reviewed by Brent Fulgham.

Source/WebCore:

Merging Blink patch from George Ancil (https://chromiumcodereview.appspot.com/20735002).

This patch removes the check for securityOrigin->isUnique() in passesAccessControlCheck().
This check prevented a redirected request with "Origin: null" from being
successful even when the response contains "Access-Control-Allow-Origin: null"

Tests: http/tests/xmlhttprequest/access-control-sandboxed-iframe-allow-origin-null.html
       http/tests/xmlhttprequest/redirect-cors-origin-null.html

* loader/CrossOriginAccessControl.cpp:
(WebCore::passesAccessControlCheck):

LayoutTests:

Merging Blink patch from George Ancil (https://chromiumcodereview.appspot.com/20735002)

Added two tests to check CORS with Origin null in HTTP redirect and iframe cases.
Updated two test sandboxed iframes test expectations (requests are still denied but error messages are different).

* http/tests/xmlhttprequest/access-control-sandboxed-iframe-allow-origin-null-expected.txt: Added.
* http/tests/xmlhttprequest/access-control-sandboxed-iframe-allow-origin-null.html: Added.
* http/tests/xmlhttprequest/access-control-sandboxed-iframe-denied-expected.txt:
* http/tests/xmlhttprequest/access-control-sandboxed-iframe-denied-without-wildcard-expected.txt:
* http/tests/xmlhttprequest/redirect-cors-origin-null-expected.txt: Added.
* http/tests/xmlhttprequest/redirect-cors-origin-null.html: Added.
* http/tests/xmlhttprequest/resources/access-control-sandboxed-iframe-allow-origin-null-iframe.html: Added.
* http/tests/xmlhttprequest/resources/access-control-sandboxed-iframe-allow-origin-null.cgi: Added.
* http/tests/xmlhttprequest/resources/redirect-cors-origin-null-pass.php: Added.
* http/tests/xmlhttprequest/resources/redirect-cors-origin-null.php: Added.

git-svn-id: https://svn.webkit.org/repository/webkit/trunk@195100 268f45cc-cd09-0410-ab3c-d52691b4dbfc

4 years ago[EFL] WorkQueue methods should be defined inside WTF namespace.
commit-queue@webkit.org [Fri, 15 Jan 2016 08:22:38 +0000 (08:22 +0000)]
[EFL] WorkQueue methods should be defined inside WTF namespace.
https://bugs.webkit.org/show_bug.cgi?id=153097

Patch by Konstantin Tokarev <annulen@yandex.ru> on 2016-01-15
Reviewed by Gyuyoung Kim.

* wtf/efl/WorkQueueEfl.cpp:

git-svn-id: https://svn.webkit.org/repository/webkit/trunk@195094 268f45cc-cd09-0410-ab3c-d52691b4dbfc

4 years ago[mips] Add countLeadingZeros32 implementation in macro assembler
julien.brianceau@gmail.com [Fri, 15 Jan 2016 08:11:47 +0000 (08:11 +0000)]
[mips] Add countLeadingZeros32 implementation in macro assembler
https://bugs.webkit.org/show_bug.cgi?id=152886

Reviewed by Michael Saboff.

* assembler/MIPSAssembler.h:
(JSC::MIPSAssembler::lui):
(JSC::MIPSAssembler::clz):
(JSC::MIPSAssembler::addiu):
* assembler/MacroAssemblerMIPS.h:
(JSC::MacroAssemblerMIPS::and32):
(JSC::MacroAssemblerMIPS::countLeadingZeros32):
(JSC::MacroAssemblerMIPS::lshift32):

git-svn-id: https://svn.webkit.org/repository/webkit/trunk@195093 268f45cc-cd09-0410-ab3c-d52691b4dbfc

4 years agoUnreviewed, rolling out r195064.
achristensen@apple.com [Fri, 15 Jan 2016 07:18:47 +0000 (07:18 +0000)]
Unreviewed, rolling out r195064.
https://bugs.webkit.org/show_bug.cgi?id=153118

test fails most of the time (Requested by alexchristensen on
#webkit).

Reverted changeset:

"Avoid downloading the wrong image for <picture> elements."
https://bugs.webkit.org/show_bug.cgi?id=153027
http://trac.webkit.org/changeset/195064

Patch by Commit Queue <commit-queue@webkit.org> on 2016-01-14

git-svn-id: https://svn.webkit.org/repository/webkit/trunk@195092 268f45cc-cd09-0410-ab3c-d52691b4dbfc

4 years agocreateElement should not lowercase non-ASCII characters
rniwa@webkit.org [Fri, 15 Jan 2016 06:12:56 +0000 (06:12 +0000)]
createElement should not lowercase non-ASCII characters
https://bugs.webkit.org/show_bug.cgi?id=153114

Reviewed by Alex Christensen.

LayoutTests/imported/w3c:

Rebaselined the tests for document.createElement now that more test cases are passing.

* web-platform-tests/dom/nodes/Document-createElement-expected.txt:
* web-platform-tests/dom/nodes/Document-getElementsByTagName-expected.txt:
* web-platform-tests/dom/nodes/Element-getElementsByTagName-expected.txt:
* web-platform-tests/dom/nodes/case-expected.txt:

Source/WebCore:

According to step 2 in https://dom.spec.whatwg.org/#dom-document-createelement, document.createElement should not
lowercase non-ASCII letters, and this is also what Firefox does. Match that behavior by lowercasing the tag name
by convertToASCIILowercase() instead of lower() in createElement.

Also merged HTMLDocument::createElement into Document::createElement for simplicity and avoid duplicating
the call to isValidName and setting a DOM exception.

No new tests since the behavior change is covered by the existing W3C tests.

* dom/Document.cpp:
(WebCore::Document::createElement): Create a HTML element with ASCII-lowercased tag name inside a HTML document.
* dom/Document.h:
* html/HTMLDocument.cpp:
(WebCore::addLocalNameToSet):
(WebCore::HTMLDocument::createElement): Merged into Document::createElement.
* html/HTMLDocument.h:

git-svn-id: https://svn.webkit.org/repository/webkit/trunk@195091 268f45cc-cd09-0410-ab3c-d52691b4dbfc

4 years agoModern IDB: Support opening and deleting SQLite databases on disk.
beidson@apple.com [Fri, 15 Jan 2016 05:40:39 +0000 (05:40 +0000)]
Modern IDB: Support opening and deleting SQLite databases on disk.
https://bugs.webkit.org/show_bug.cgi?id=153084

Reviewed by Alex Christensen, Sam Weinig and Andy Estes (oh my!).

Source/WebCore:

No new tests (Infrastructure, no testable change in behavior).

* Modules/indexeddb/IDBDatabaseIdentifier.cpp:
(WebCore::IDBDatabaseIdentifier::databaseDirectoryRelativeToRoot):
* Modules/indexeddb/IDBDatabaseIdentifier.h:

* Modules/indexeddb/server/IDBServer.cpp:
(WebCore::IDBServer::IDBServer::create):
(WebCore::IDBServer::IDBServer::IDBServer):
(WebCore::IDBServer::IDBServer::createBackingStore):
* Modules/indexeddb/server/IDBServer.h:

* Modules/indexeddb/server/SQLiteIDBBackingStore.cpp:
(WebCore::IDBServer::SQLiteIDBBackingStore::SQLiteIDBBackingStore):
(WebCore::IDBServer::SQLiteIDBBackingStore::getOrEstablishDatabaseInfo):
(WebCore::IDBServer::SQLiteIDBBackingStore::deleteBackingStore):
* Modules/indexeddb/server/SQLiteIDBBackingStore.h:

* Modules/indexeddb/shared/InProcessIDBServer.cpp:
(WebCore::InProcessIDBServer::create):
(WebCore::InProcessIDBServer::InProcessIDBServer):
* Modules/indexeddb/shared/InProcessIDBServer.h:

Source/WebKit:

* Storage/WebDatabaseProvider.cpp:
(WebDatabaseProvider::idbConnectionToServerForSession):
* Storage/WebDatabaseProvider.h:

* WebKit.xcodeproj/project.pbxproj:

Source/WebKit/mac:

* Storage/WebDatabaseProvider.mm: Copied from Source/WebKit/Storage/WebDatabaseProvider.cpp.
(WebDatabaseProvider::indexedDatabaseDirectoryPath):

git-svn-id: https://svn.webkit.org/repository/webkit/trunk@195090 268f45cc-cd09-0410-ab3c-d52691b4dbfc

4 years agoTest gardening after r195088
mmaxfield@apple.com [Fri, 15 Jan 2016 05:23:21 +0000 (05:23 +0000)]
Test gardening after r195088

Unreviewed.

* http/tests/contentextensions/font-display-none-repeated-layout-expected.txt:

git-svn-id: https://svn.webkit.org/repository/webkit/trunk@195089 268f45cc-cd09-0410-ab3c-d52691b4dbfc

4 years agoMixing Content Blocking of fonts and display:none rules causes battery drain
mmaxfield@apple.com [Fri, 15 Jan 2016 03:31:52 +0000 (03:31 +0000)]
Mixing Content Blocking of fonts and display:none rules causes battery drain
https://bugs.webkit.org/show_bug.cgi?id=153051
<rdar://problem/23187709>

Reviewed by Alex Christensen.

Source/WebCore:

If we have applied a rule before and we are not applying it again, don't
resolve the style again.

Test: http/tests/contentextensions/font-display-none-repeated-layout.html

* contentextensions/ContentExtensionStyleSheet.cpp:
(WebCore::ContentExtensions::ContentExtensionStyleSheet::addDisplayNoneSelector):
* contentextensions/ContentExtensionStyleSheet.h:
* dom/ExtensionStyleSheets.cpp:
(WebCore::ExtensionStyleSheets::addDisplayNoneSelector):

LayoutTests:

Make sure that layoutCount does not skyrocket.

* http/tests/contentextensions/font-display-none-repeated-layout-expected.txt: Added.
* http/tests/contentextensions/font-display-none-repeated-layout.html: Added.
* http/tests/contentextensions/font-display-none-repeated-layout.html.json: Added.

git-svn-id: https://svn.webkit.org/repository/webkit/trunk@195088 268f45cc-cd09-0410-ab3c-d52691b4dbfc

4 years agoAdd document.defineCustomElement
rniwa@webkit.org [Fri, 15 Jan 2016 02:59:03 +0000 (02:59 +0000)]
Add document.defineCustomElement
https://bugs.webkit.org/show_bug.cgi?id=153092

Reviewed by Chris Dumez.

Source/WebCore:

Added document.defineCustomElement and added a constructor to HTMLElement which can be called
as "super" in a subclass of HTMLElement. This is a prototype of new custom elements API and
willfully violates the current specification at http://w3c.github.io/webcomponents/spec/custom/

Each author defined class can define multiple elements using distinct tag names. In such cases,
the super call must specify the tag name. e.g.

class SomeCustomElement extends HTMLElement { constructor(name) { super(name); } }
document.defineCustomElement('some-custom-element', SomeCustomElement);
document.defineCustomElement('other-custom-element', SomeCustomElement);
new SomeCustomElement('some-custom-element');

When a class is associated with exactly one tag name, the argument can be omitted. e.g.

class AnotherCustomElement extends HTMLElement {}
document.defineCustomElement('another-custom-element', AnotherCustomElement);
new AnotherCustomElement();

We allow only subclassing of HTMLElement and only in (X)HTML namespace.

Tests: fast/custom-elements/Document-defineCustomElement.html
       fast/custom-elements/HTMLElement-constructor.html

* CMakeLists.txt:
* WebCore.xcodeproj/project.pbxproj:

* bindings/js/JSCustomElementInterface.cpp: Added. Abstracts an author-defined class associated
with a custom element. It's a Active DOM object and lives until the associated document dies.
(WebCore::JSCustomElementInterface::JSCustomElementInterface):
(WebCore::JSCustomElementInterface::~JSCustomElementInterface):
* bindings/js/JSCustomElementInterface.h: Added.
(WebCore::JSCustomElementInterface::create):
(WebCore::JSCustomElementInterface::scriptExecutionContext):
(WebCore::JSCustomElementInterface::constructor):

* bindings/js/JSDocumentCustom.cpp:
(WebCore::JSDocument::defineCustomElement): Added. Define a custom element by associating a tag
name with an author defined JS class after validating arguments.

* bindings/js/JSHTMLElementCustom.cpp:
(WebCore::constructJSHTMLElement): Added. Look up the tag name based on new.target if one is not
specified. If a tag name is specified, check that new.target is associated with the tag name.

* dom/CustomElementDefinitions.cpp: Added.
(WebCore::CustomElementDefinitions::checkName): Added. Restricts tag names similarly to
http://w3c.github.io/webcomponents/spec/custom/#dfn-custom-element-type
(WebCore::CustomElementDefinitions::defineElement): Added. Associates a JS class with a tag name.
(WebCore::CustomElementDefinitions::findInterface): Added. Finds a JS class by a tag name.
(WebCore::CustomElementDefinitions::findName): Added. Finds a tag name by a JS class.
* dom/CustomElementDefinitions.h: Added.
(WebCore::CustomElementDefinitions::CustomElementInfo): Added.

* dom/Document.cpp:
(WebCore::Document::ensureCustomElementDefinitions): Added.
* dom/Document.h:
(WebCore::Document::customElementDefinitions): Added.

* dom/Document.idl:
* html/HTMLElement.idl:

LayoutTests:

Added tests for document.defineCustomElement and instantiating custom elements.

* TestExpectations: Skipped the tests on non-Mac ports.
* fast/custom-elements: Added.
* fast/custom-elements/Document-defineCustomElement-expected.txt: Added.
* fast/custom-elements/Document-defineCustomElement.html: Added.
* fast/custom-elements/HTMLElement-constructor-expected.txt: Added.
* fast/custom-elements/HTMLElement-constructor.html: Added.
* platform/mac/TestExpectations:

git-svn-id: https://svn.webkit.org/repository/webkit/trunk@195087 268f45cc-cd09-0410-ab3c-d52691b4dbfc

4 years agoAir needs a Shuffle instruction
fpizlo@apple.com [Fri, 15 Jan 2016 00:58:22 +0000 (00:58 +0000)]
Air needs a Shuffle instruction
https://bugs.webkit.org/show_bug.cgi?id=152952

Reviewed by Saam Barati.

This adds an instruction called Shuffle. Shuffle allows you to simultaneously perform
multiple moves to perform arbitrary permutations over registers and memory. We call these
rotations. It also allows you to perform "shifts", like (a => b, b => c): after the shift,
c will have b's old value, b will have a's old value, and a will be unchanged. Shifts can
use immediates as their source.

Shuffle is added as a custom instruction, since it has a variable number of arguments. It
takes any number of triplets of arguments, where each triplet describes one mapping of the
shuffle. For example, to represent (a => b, b => c), we might say:

    Shuffle %a, %b, 64, %b, %c, 64

Note the "64"s, those are width arguments that describe how many bits of the register are
being moved. Each triplet is referred to as a "shuffle pair". We call it a pair because the
most relevant part of it is the pair of registers or memroy locations (i.e. %a, %b form one
of the pairs in the example). For GP arguments, the width follows ZDef semantics.

In the future, we will be able to use Shuffle for a lot of things. This patch is modest about
how to use it:

- C calling convention argument marshalling. Previously we used move instructions. But that's
  problematic since it introduces artificial interference between the argument registers and
  the inputs. Using Shuffle removes that interference. This helps a bit.

- Cold C calls. This is what really motivated me to write this patch. If we have a C call on
  a cold path, then we want it to appear to the register allocator like it doesn't clobber
  any registers. Only after register allocation should we handle the clobbering by simply
  saving all of the live volatile registers to the stack. If you imagine the saving and the
  argument marshalling, you can see how before the call, we want to have a Shuffle that does
  both of those things. This is important. If argument marshalling was separate from the
  saving, then we'd still appear to clobber argument registers. Doing them together as one
  Shuffle means that the cold call doesn't appear to even clobber the argument registers.

Unfortunately, I was wrong about cold C calls being the dominant problem with our register
allocator right now. Fixing this revealed other problems in my current tuning benchmark,
Octane/encrypt. Nonetheless, this is a small speed-up across the board, and gives us some
functionality we will need to implement other optimizations.

* CMakeLists.txt:
* JavaScriptCore.xcodeproj/project.pbxproj:
* assembler/AbstractMacroAssembler.h:
(JSC::isX86_64):
(JSC::isIOS):
(JSC::optimizeForARMv7IDIVSupported):
* assembler/MacroAssemblerX86Common.h:
(JSC::MacroAssemblerX86Common::zeroExtend32ToPtr):
(JSC::MacroAssemblerX86Common::swap32):
(JSC::MacroAssemblerX86Common::moveConditionally32):
* assembler/MacroAssemblerX86_64.h:
(JSC::MacroAssemblerX86_64::store64WithAddressOffsetPatch):
(JSC::MacroAssemblerX86_64::swap64):
(JSC::MacroAssemblerX86_64::move64ToDouble):
* assembler/X86Assembler.h:
(JSC::X86Assembler::xchgl_rr):
(JSC::X86Assembler::xchgl_rm):
(JSC::X86Assembler::xchgq_rr):
(JSC::X86Assembler::xchgq_rm):
(JSC::X86Assembler::movl_rr):
* b3/B3CCallValue.h:
* b3/B3Compilation.cpp:
(JSC::B3::Compilation::Compilation):
(JSC::B3::Compilation::~Compilation):
* b3/B3Compilation.h:
(JSC::B3::Compilation::code):
* b3/B3LowerToAir.cpp:
(JSC::B3::Air::LowerToAir::run):
(JSC::B3::Air::LowerToAir::createSelect):
(JSC::B3::Air::LowerToAir::lower):
(JSC::B3::Air::LowerToAir::marshallCCallArgument): Deleted.
* b3/B3OpaqueByproducts.h:
(JSC::B3::OpaqueByproducts::count):
* b3/B3StackmapSpecial.cpp:
(JSC::B3::StackmapSpecial::isArgValidForValue):
(JSC::B3::StackmapSpecial::isArgValidForRep):
* b3/air/AirArg.cpp:
(JSC::B3::Air::Arg::isStackMemory):
(JSC::B3::Air::Arg::isRepresentableAs):
(JSC::B3::Air::Arg::usesTmp):
(JSC::B3::Air::Arg::canRepresent):
(JSC::B3::Air::Arg::isCompatibleType):
(JSC::B3::Air::Arg::dump):
(WTF::printInternal):
* b3/air/AirArg.h:
(JSC::B3::Air::Arg::forEachType):
(JSC::B3::Air::Arg::isWarmUse):
(JSC::B3::Air::Arg::cooled):
(JSC::B3::Air::Arg::isEarlyUse):
(JSC::B3::Air::Arg::imm64):
(JSC::B3::Air::Arg::immPtr):
(JSC::B3::Air::Arg::addr):
(JSC::B3::Air::Arg::special):
(JSC::B3::Air::Arg::widthArg):
(JSC::B3::Air::Arg::operator==):
(JSC::B3::Air::Arg::isImm64):
(JSC::B3::Air::Arg::isSomeImm):
(JSC::B3::Air::Arg::isAddr):
(JSC::B3::Air::Arg::isIndex):
(JSC::B3::Air::Arg::isMemory):
(JSC::B3::Air::Arg::isRelCond):
(JSC::B3::Air::Arg::isSpecial):
(JSC::B3::Air::Arg::isWidthArg):
(JSC::B3::Air::Arg::isAlive):
(JSC::B3::Air::Arg::base):
(JSC::B3::Air::Arg::hasOffset):
(JSC::B3::Air::Arg::offset):
(JSC::B3::Air::Arg::width):
(JSC::B3::Air::Arg::isGPTmp):
(JSC::B3::Air::Arg::isGP):
(JSC::B3::Air::Arg::isFP):
(JSC::B3::Air::Arg::isType):
(JSC::B3::Air::Arg::isGPR):
(JSC::B3::Air::Arg::isValidForm):
(JSC::B3::Air::Arg::forEachTmpFast):
* b3/air/AirBasicBlock.h:
(JSC::B3::Air::BasicBlock::insts):
(JSC::B3::Air::BasicBlock::appendInst):
(JSC::B3::Air::BasicBlock::append):
* b3/air/AirCCallingConvention.cpp: Added.
(JSC::B3::Air::computeCCallingConvention):
(JSC::B3::Air::cCallResult):
(JSC::B3::Air::buildCCall):
* b3/air/AirCCallingConvention.h: Added.
* b3/air/AirCode.h:
(JSC::B3::Air::Code::proc):
* b3/air/AirCustom.cpp: Added.
(JSC::B3::Air::CCallCustom::isValidForm):
(JSC::B3::Air::CCallCustom::generate):
(JSC::B3::Air::ShuffleCustom::isValidForm):
(JSC::B3::Air::ShuffleCustom::generate):
* b3/air/AirCustom.h:
(JSC::B3::Air::PatchCustom::forEachArg):
(JSC::B3::Air::PatchCustom::generate):
(JSC::B3::Air::CCallCustom::forEachArg):
(JSC::B3::Air::CCallCustom::isValidFormStatic):
(JSC::B3::Air::CCallCustom::admitsStack):
(JSC::B3::Air::CCallCustom::hasNonArgNonControlEffects):
(JSC::B3::Air::ColdCCallCustom::forEachArg):
(JSC::B3::Air::ShuffleCustom::forEachArg):
(JSC::B3::Air::ShuffleCustom::isValidFormStatic):
(JSC::B3::Air::ShuffleCustom::admitsStack):
(JSC::B3::Air::ShuffleCustom::hasNonArgNonControlEffects):
* b3/air/AirEmitShuffle.cpp: Added.
(JSC::B3::Air::ShufflePair::dump):
(JSC::B3::Air::emitShuffle):
* b3/air/AirEmitShuffle.h: Added.
(JSC::B3::Air::ShufflePair::ShufflePair):
(JSC::B3::Air::ShufflePair::src):
(JSC::B3::Air::ShufflePair::dst):
(JSC::B3::Air::ShufflePair::width):
* b3/air/AirGenerate.cpp:
(JSC::B3::Air::prepareForGeneration):
* b3/air/AirGenerate.h:
* b3/air/AirInsertionSet.cpp:
(JSC::B3::Air::InsertionSet::insertInsts):
(JSC::B3::Air::InsertionSet::execute):
* b3/air/AirInsertionSet.h:
(JSC::B3::Air::InsertionSet::insertInst):
(JSC::B3::Air::InsertionSet::insert):
* b3/air/AirInst.h:
(JSC::B3::Air::Inst::operator bool):
(JSC::B3::Air::Inst::append):
* b3/air/AirLowerAfterRegAlloc.cpp: Added.
(JSC::B3::Air::lowerAfterRegAlloc):
* b3/air/AirLowerAfterRegAlloc.h: Added.
* b3/air/AirLowerMacros.cpp: Added.
(JSC::B3::Air::lowerMacros):
* b3/air/AirLowerMacros.h: Added.
* b3/air/AirOpcode.opcodes:
* b3/air/AirRegisterPriority.h:
(JSC::B3::Air::regsInPriorityOrder):
* b3/air/testair.cpp: Added.
(hiddenTruthBecauseNoReturnIsStupid):
(usage):
(JSC::B3::Air::compile):
(JSC::B3::Air::invoke):
(JSC::B3::Air::compileAndRun):
(JSC::B3::Air::testSimple):
(JSC::B3::Air::loadConstantImpl):
(JSC::B3::Air::loadConstant):
(JSC::B3::Air::loadDoubleConstant):
(JSC::B3::Air::testShuffleSimpleSwap):
(JSC::B3::Air::testShuffleSimpleShift):
(JSC::B3::Air::testShuffleLongShift):
(JSC::B3::Air::testShuffleLongShiftBackwards):
(JSC::B3::Air::testShuffleSimpleRotate):
(JSC::B3::Air::testShuffleSimpleBroadcast):
(JSC::B3::Air::testShuffleBroadcastAllRegs):
(JSC::B3::Air::testShuffleTreeShift):
(JSC::B3::Air::testShuffleTreeShiftBackward):
(JSC::B3::Air::testShuffleTreeShiftOtherBackward):
(JSC::B3::Air::testShuffleMultipleShifts):
(JSC::B3::Air::testShuffleRotateWithFringe):
(JSC::B3::Air::testShuffleRotateWithLongFringe):
(JSC::B3::Air::testShuffleMultipleRotates):
(JSC::B3::Air::testShuffleShiftAndRotate):
(JSC::B3::Air::testShuffleShiftAllRegs):
(JSC::B3::Air::testShuffleRotateAllRegs):
(JSC::B3::Air::testShuffleSimpleSwap64):
(JSC::B3::Air::testShuffleSimpleShift64):
(JSC::B3::Air::testShuffleSwapMixedWidth):
(JSC::B3::Air::testShuffleShiftMixedWidth):
(JSC::B3::Air::testShuffleShiftMemory):
(JSC::B3::Air::testShuffleShiftMemoryLong):
(JSC::B3::Air::testShuffleShiftMemoryAllRegs):
(JSC::B3::Air::testShuffleShiftMemoryAllRegs64):
(JSC::B3::Air::combineHiLo):
(JSC::B3::Air::testShuffleShiftMemoryAllRegsMixedWidth):
(JSC::B3::Air::testShuffleRotateMemory):
(JSC::B3::Air::testShuffleRotateMemory64):
(JSC::B3::Air::testShuffleRotateMemoryMixedWidth):
(JSC::B3::Air::testShuffleRotateMemoryAllRegs64):
(JSC::B3::Air::testShuffleRotateMemoryAllRegsMixedWidth):
(JSC::B3::Air::testShuffleSwapDouble):
(JSC::B3::Air::testShuffleShiftDouble):
(JSC::B3::Air::run):
(run):
(main):
* b3/testb3.cpp:
(JSC::B3::testCallSimple):
(JSC::B3::testCallRare):
(JSC::B3::testCallRareLive):
(JSC::B3::testCallSimplePure):
(JSC::B3::run):

git-svn-id: https://svn.webkit.org/repository/webkit/trunk@195084 268f45cc-cd09-0410-ab3c-d52691b4dbfc

4 years ago[webkitdirs] Replaced grep invocation with perl code
commit-queue@webkit.org [Fri, 15 Jan 2016 00:50:15 +0000 (00:50 +0000)]
[webkitdirs] Replaced grep invocation with perl code
https://bugs.webkit.org/show_bug.cgi?id=153106

Patch by Konstantin Tokarev <annulen@yandex.ru> on 2016-01-14
Reviewed by Alex Christensen.

* Scripts/webkitdirs.pm:
(determineArchitecture):

git-svn-id: https://svn.webkit.org/repository/webkit/trunk@195083 268f45cc-cd09-0410-ab3c-d52691b4dbfc

4 years agoRemove workaround for rdar://problem/23623670
simon.fraser@apple.com [Fri, 15 Jan 2016 00:14:14 +0000 (00:14 +0000)]
Remove workaround for rdar://problem/23623670
https://bugs.webkit.org/show_bug.cgi?id=153107
rdar://problem/23633319

Reviewed by Tim Horton.

Remove the code that uses IOSurfaceAcceleratorTransformSurface() when copying from
back-to-front buffer, now that CGIOSurfaceContextCreate()-code path works correctly.

Source/WebCore:

* platform/graphics/cocoa/IOSurface.h:
* platform/graphics/cocoa/IOSurface.mm:
(IOSurface::ensurePlatformContext):
(IOSurface::copyToSurface): Deleted.

Source/WebKit2:

* Shared/mac/RemoteLayerBackingStore.mm:
(WebKit::RemoteLayerBackingStore::display):

git-svn-id: https://svn.webkit.org/repository/webkit/trunk@195082 268f45cc-cd09-0410-ab3c-d52691b4dbfc

4 years agoWK1 and WK2 should share more candidate request code
bdakin@apple.com [Fri, 15 Jan 2016 00:07:36 +0000 (00:07 +0000)]
WK1 and WK2 should share more candidate request code
https://bugs.webkit.org/show_bug.cgi?id=153108

Reviewed by Simon Fraser.

requestCandidatesForSelection() does not need to be exposed as an
EditorClient function. WK1 can just call invoke this code from the existing
respondToChangedSelection EditorClient function, which is what WK2 does.
Source/WebCore:

* editing/Editor.cpp:
(WebCore::Editor::respondToChangedSelection):
* loader/EmptyClients.h:
* page/EditorClient.h:
(WebCore::EditorClient::supportsGlobalSelection):

Source/WebKit/mac:

* WebCoreSupport/WebEditorClient.h:
* WebCoreSupport/WebEditorClient.mm:
(WebEditorClient::respondToChangedSelection):

Cleanup — use some code that was moved to WebCore::Editor.
(WebEditorClient::requestCandidatesForSelection):
(WebEditorClient::handleRequestedCandidates):
(textCheckingResultFromNSTextCheckingResult):
(WebEditorClient::handleAcceptedCandidate):
(candidateRangeForSelection): Deleted.
(candidateWouldReplaceText): Deleted.

Source/WebKit2:

* WebProcess/WebCoreSupport/WebEditorClient.h:

git-svn-id: https://svn.webkit.org/repository/webkit/trunk@195081 268f45cc-cd09-0410-ab3c-d52691b4dbfc

4 years agoprepare-changelog does not read paths containing spaces properly
bburg@apple.com [Thu, 14 Jan 2016 23:07:44 +0000 (23:07 +0000)]
prepare-changelog does not read paths containing spaces properly
https://bugs.webkit.org/show_bug.cgi?id=137982

Reviewed by Joseph Pecoraro.

Escape whitespace in filenames before passing the file path to other functions.

* Scripts/prepare-ChangeLog:
(generateFunctionLists): Use the more explicit 3-argument form of 'open'.

git-svn-id: https://svn.webkit.org/repository/webkit/trunk@195080 268f45cc-cd09-0410-ab3c-d52691b4dbfc

4 years agoUnreviewed, rolling out r195035.
cdumez@apple.com [Thu, 14 Jan 2016 23:00:24 +0000 (23:00 +0000)]
Unreviewed, rolling out r195035.

Caused 1-3% PLT regression on iOS

Reverted changeset:

"Part 2/2: Stop using USE(CFNETWORK) path on iOS"
https://bugs.webkit.org/show_bug.cgi?id=142540
http://trac.webkit.org/changeset/195035

git-svn-id: https://svn.webkit.org/repository/webkit/trunk@195079 268f45cc-cd09-0410-ab3c-d52691b4dbfc

4 years agoWK2: Request completion candidates when needed
bdakin@apple.com [Thu, 14 Jan 2016 22:44:26 +0000 (22:44 +0000)]
WK2: Request completion candidates when needed
https://bugs.webkit.org/show_bug.cgi?id=153040
-and corresponding-
rdar://problem/24155631

Reviewed by Enrica Casucci and Tim Horton.

Source/WebCore:

Helper functions for stringForCandidateRequest() and
handleAcceptedCandidate()
* editing/Editor.cpp:
(WebCore::candidateRangeForSelection):
(WebCore::candidateWouldReplaceText):

Request candidates for the word that is currently being typed so long as the
candidate would replace that word. Otherwise, use String().
(WebCore::Editor::stringForCandidateRequest):

When a candidate has been accepted, insert the text.
(WebCore::Editor::handleAcceptedCandidate):
* editing/Editor.h:

Source/WebKit2:

Mac needs to support postLayoutData in order to have some layout-related
editing information to request candidates. This patch re-shuffles some items
in the struct so that they can be shared by Mac and iOS, and it adds 3 new
items for Mac only.
* Shared/EditorState.cpp:
(WebKit::EditorState::encode):
(WebKit::EditorState::decode):
(WebKit::EditorState::PostLayoutData::encode):
(WebKit::EditorState::PostLayoutData::decode):
* Shared/EditorState.h:

Request and handle candidates here in WebViewImpl, and cache the
m_lastStringForCandidateRequest so that we can ensure the results we receive
were received in a timely enough manner that they are still for the same
String.
* UIProcess/Cocoa/WebViewImpl.h:
* UIProcess/Cocoa/WebViewImpl.mm:
(WebKit::WebViewImpl::selectionDidChange):

When selection changes, request new candidates.
(WebKit::WebViewImpl::requestCandidatesForSelectionIfNeeded):

Once candidates have been received, we ask the sharedSpellChecker to show
them.
(WebKit::WebViewImpl::handleRequestedCandidates):

If a candidate is accepted, we ask the WebProcess to accept it, so we start
by converting the NSTextCheckingResult to a WebCore::TextCheckingResult.
(WebKit::textCheckingResultFromNSTextCheckingResult):
(WebKit::WebViewImpl::handleAcceptedCandidate):

Ask the WebProcess to handle accepting the candidate.
* UIProcess/WebPageProxy.cpp:
(WebKit::WebPageProxy::handleAcceptedCandidate):
* UIProcess/WebPageProxy.h:
* WebProcess/WebPage/WebPage.h:
(WebKit::WebPage:: handleAcceptedCandidate):
* WebProcess/WebPage/WebPage.messages.in:

Now that Mac has some postLayoutData in the EditorState, fill that in in
platformEditorState().
* WebProcess/WebPage/mac/WebPageMac.mm:
(WebKit::WebPage::platformEditorState):

Ask WebCore::Editor to handle the accepted candidate.
(WebKit::WebPage::handleAcceptedCandidate):

LayoutTests:

Getting updated EditorState in platformEditorState causes some extra layout
to happen, so now the layout test results for WK2 reflect the results that we
already see on iOS for this test and they reflect the render tree as it is
when you load the page in browser.
* platform/mac/fast/dom/focus-contenteditable-expected.txt:

WebKit 1 is not affected by these new results, so this adds WK-1 only results
that match the old Mac results.
* platform/mac-wk1/fast/dom: Added.
* platform/mac-wk1/fast/dom/focus-contenteditable-expected.txt: Added.

git-svn-id: https://svn.webkit.org/repository/webkit/trunk@195078 268f45cc-cd09-0410-ab3c-d52691b4dbfc

4 years agoUnreviewed mark passing es6 tests as no longer failing.
keith_miller@apple.com [Thu, 14 Jan 2016 22:44:19 +0000 (22:44 +0000)]
Unreviewed mark passing es6 tests as no longer failing.

* tests/es6.yaml:

git-svn-id: https://svn.webkit.org/repository/webkit/trunk@195077 268f45cc-cd09-0410-ab3c-d52691b4dbfc

4 years agoStandardize the usage of "branch" vs. "branchName". https://bugs.webkit.org/show_bug...
jmarcell@apple.com [Thu, 14 Jan 2016 22:33:02 +0000 (22:33 +0000)]
Standardize the usage of "branch" vs. "branchName". https://bugs.webkit.org/show_bug.cgi?id=152982

Reviewed by Daniel Bates.

In an earlier patch we started using the name "branch" to indicate a branch object, whereas
"branchName" implies that the variable or property in question is simply a string.

* BuildSlaveSupport/build.webkit.org-config/public_html/dashboard/Scripts/BuildbotQueueView.js:
(BuildbotQueueView.prototype._popoverLinesForCommitRange): Change branch to branchName.
(BuildbotQueueView.prototype._presentPopoverForRevisionRange): Change branch to branch.name.
(BuildbotQueueView.prototype._revisionContentWithPopoverForIteration): Change branch to branchName.
* BuildSlaveSupport/build.webkit.org-config/public_html/dashboard/Scripts/Trac.js:
(Trac.prototype.commitsOnBranch): Change branch to branchName.
(Trac.prototype._convertCommitInfoElementToObject): Ditto.
* BuildSlaveSupport/build.webkit.org-config/public_html/dashboard/Scripts/tests/MockTrac.js:
(MockTrac): Ditto.

git-svn-id: https://svn.webkit.org/repository/webkit/trunk@195076 268f45cc-cd09-0410-ab3c-d52691b4dbfc

4 years agoDisallow use of Geolocation service from unique origins
dbates@webkit.org [Thu, 14 Jan 2016 21:42:35 +0000 (21:42 +0000)]
Disallow use of Geolocation service from unique origins
https://bugs.webkit.org/show_bug.cgi?id=153102
<rdar://problem/23055645>

Reviewed by Alexey Proskuryakov.

Source/WebCore:

Tests: fast/dom/Geolocation/dataURL-getCurrentPosition.html
       fast/dom/Geolocation/dataURL-watchPosition.html
       fast/dom/Geolocation/srcdoc-getCurrentPosition.html
       fast/dom/Geolocation/srcdoc-watchPosition.html
       http/tests/security/sandboxed-iframe-geolocation-getCurrentPosition.html
       http/tests/security/sandboxed-iframe-geolocation-watchPosition.html

* Modules/geolocation/Geolocation.cpp:
(WebCore::Geolocation::securityOrigin): Convenience function to get the SecurityOrigin object
associated with this script execution context.
(WebCore::Geolocation::startRequest): Notify requester POSITION_UNAVAILABLE when requested
from a document with a unique origin.
* Modules/geolocation/Geolocation.h:
* page/SecurityOrigin.h:
(WebCore::SecurityOrigin::canRequestGeolocation): Added.

LayoutTests:

* fast/dom/Geolocation/dataURL-getCurrentPosition-expected.txt: Added.
* fast/dom/Geolocation/dataURL-getCurrentPosition.html: Added.
* fast/dom/Geolocation/dataURL-watchPosition-expected.txt: Added.
* fast/dom/Geolocation/dataURL-watchPosition.html: Added.
* fast/dom/Geolocation/srcdoc-getCurrentPosition-expected.txt: Added.
* fast/dom/Geolocation/srcdoc-getCurrentPosition.html: Added.
* fast/dom/Geolocation/srcdoc-watchPosition-expected.txt: Added.
* fast/dom/Geolocation/srcdoc-watchPosition.html: Added.
* http/tests/security/resources/checkThatPositionErrorCallbackIsCalledWithPositionUnavailableForGeolocationMethod.js: Added.
(done):
(logMessage):
(didReceivePosition):
(didReceiveError):
(checkThatPositionErrorCallbackIsCalledWithPositionUnavailableForGeolocationMethod):
(markupToCheckThatPositionErrorCallbackIsCalledWithPositionUnavailableForGeolocationMethod):
(dataURLToCheckThatPositionErrorCallbackIsCalledWithPositionUnavailableForGeolocationMethod):
* http/tests/security/resources/sandboxed-iframe-geolocation-getCurrentPosition.html: Added.
* http/tests/security/resources/sandboxed-iframe-geolocation-watchPosition.html: Added.
* http/tests/security/sandboxed-iframe-geolocation-getCurrentPosition-expected.txt: Added.
* http/tests/security/sandboxed-iframe-geolocation-getCurrentPosition.html: Added.
* http/tests/security/sandboxed-iframe-geolocation-watchPosition-expected.txt: Added.
* http/tests/security/sandboxed-iframe-geolocation-watchPosition.html: Added.

git-svn-id: https://svn.webkit.org/repository/webkit/trunk@195075 268f45cc-cd09-0410-ab3c-d52691b4dbfc

4 years ago[XSS Auditor] Extract attribute truncation logic and formalize string canonicalization
dbates@webkit.org [Thu, 14 Jan 2016 21:40:13 +0000 (21:40 +0000)]
[XSS Auditor] Extract attribute truncation logic and formalize string canonicalization
https://bugs.webkit.org/show_bug.cgi?id=152874

Reviewed by Brent Fulgham.

Derived from Blink patch (by Tom Sepez <tsepez@chromium.org>):
<https://src.chromium.org/viewvc/blink?revision=176339&view=revision>

Extract the src-like and script-like attribute truncation logic into independent functions
towards making it more straightforward to re-purpose this logic. Additionally, formalize the
concept of string canonicalization as a member function that consolidates the process of
decoding URL escape sequences, truncating the decoded string (if applicable), and removing
characters that are considered noise.

* html/parser/XSSAuditor.cpp:
(WebCore::truncateForSrcLikeAttribute): Extracted from XSSAuditor::decodedSnippetForAttribute().
(WebCore::truncateForScriptLikeAttribute): Ditto.
(WebCore::XSSAuditor::init): Write in terms of XSSAuditor::canonicalize().
(WebCore::XSSAuditor::filterCharacterToken): Updated to make use of formalized canonicalization methods.
(WebCore::XSSAuditor::filterScriptToken): Ditto.
(WebCore::XSSAuditor::filterObjectToken): Ditto.
(WebCore::XSSAuditor::filterParamToken): Ditto.
(WebCore::XSSAuditor::filterEmbedToken): Ditto.
(WebCore::XSSAuditor::filterAppletToken): Ditto.
(WebCore::XSSAuditor::filterFrameToken): Ditto.
(WebCore::XSSAuditor::filterInputToken): Ditto.
(WebCore::XSSAuditor::filterButtonToken): Ditto.
(WebCore::XSSAuditor::eraseDangerousAttributesIfInjected): Ditto.
(WebCore::XSSAuditor::eraseAttributeIfInjected): Updated code to use early return style and avoid an unnecessary string
comparison when we know that a src attribute was injected.
(WebCore::XSSAuditor::canonicalizedSnippetForTagName): Renamed; formerly known as XSSAuditor::decodedSnippetForName(). Updated
to make use of XSSAuditor::canonicalize().
(WebCore::XSSAuditor::snippetFromAttribute): Renamed; formerly known as XSSAuditor::decodedSnippetForAttribute(). Moved
truncation logic from here to WebCore::truncateFor{Script, Src}LikeAttribute.
(WebCore::XSSAuditor::canonicalize): Added.
(WebCore::XSSAuditor::canonicalizedSnippetForJavaScript): Added.
(WebCore::canonicalize): Deleted.
(WebCore::XSSAuditor::decodedSnippetForName): Deleted.
(WebCore::XSSAuditor::decodedSnippetForAttribute): Deleted.
(WebCore::XSSAuditor::decodedSnippetForJavaScript): Deleted.
* html/parser/XSSAuditor.h: Define enum class for the various attribute truncation styles.

git-svn-id: https://svn.webkit.org/repository/webkit/trunk@195074 268f45cc-cd09-0410-ab3c-d52691b4dbfc

4 years ago[XSS Auditor] Partial bypass when web server collapses path components
dbates@webkit.org [Thu, 14 Jan 2016 21:37:49 +0000 (21:37 +0000)]
[XSS Auditor] Partial bypass when web server collapses path components
https://bugs.webkit.org/show_bug.cgi?id=152872

Reviewed by Brent Fulgham.

Merged from Blink (patch by Tom Sepez <tsepez@chromium.org>):
<https://src.chromium.org/viewvc/blink?revision=167610&view=revision>

Source/WebCore:

Test: http/tests/security/xssAuditor/embed-tag-in-path-unterminated.html

* html/parser/XSSAuditor.cpp:
(WebCore::isNonCanonicalCharacter):
(WebCore::XSSAuditor::init):
(WebCore::XSSAuditor::decodedSnippetForName):
(WebCore::XSSAuditor::decodedSnippetForAttribute):
(WebCore::XSSAuditor::decodedSnippetForJavaScript):
(WebCore::fullyDecodeString): Deleted.

LayoutTests:

* http/tests/security/xssAuditor/embed-tag-in-path-unterminated-expected.txt: Added.
* http/tests/security/xssAuditor/embed-tag-in-path-unterminated.html: Added.
* http/tests/security/xssAuditor/intercept/.htaccess:

git-svn-id: https://svn.webkit.org/repository/webkit/trunk@195073 268f45cc-cd09-0410-ab3c-d52691b4dbfc

4 years agoimported/blink/editing/text-iterator/read-past-cloned-first-letter.html
bdakin@apple.com [Thu, 14 Jan 2016 21:31:05 +0000 (21:31 +0000)]
imported/blink/editing/text-iterator/read-past-cloned-first-letter.html
crashes
https://bugs.webkit.org/show_bug.cgi?id=153104
-and corresponding-
rdar://problem/24155631

Reviewed by Simon Fraser.

Though we merged the Blink test, we never merged Blink patch that fixed this
bug. So this is a merge of https://github.com/ChromiumWebApps/blink/commit/5a0d23d4368c661f621364339fde66b41ef019e5
* editing/TextIterator.cpp:
(WebCore::SimplifiedBackwardsTextIterator::handleFirstLetter):

git-svn-id: https://svn.webkit.org/repository/webkit/trunk@195072 268f45cc-cd09-0410-ab3c-d52691b4dbfc

4 years ago[iOS Simulator] fast/table/003.html failing
zalan@apple.com [Thu, 14 Jan 2016 21:11:27 +0000 (21:11 +0000)]
[iOS Simulator] fast/table/003.html failing
https://bugs.webkit.org/show_bug.cgi?id=152444

Unreviewed gardening.

* platform/ios-simulator/fast/table/003-expected.txt:

git-svn-id: https://svn.webkit.org/repository/webkit/trunk@195071 268f45cc-cd09-0410-ab3c-d52691b4dbfc

4 years ago[ES6] Support subclassing Function.
keith_miller@apple.com [Thu, 14 Jan 2016 20:45:48 +0000 (20:45 +0000)]
[ES6] Support subclassing Function.
https://bugs.webkit.org/show_bug.cgi?id=153081

Reviewed by Geoffrey Garen.

Source/JavaScriptCore:

This patch enables subclassing the Function object. It also fixes an existing
bug that prevented users from subclassing functions that have a function in
the superclass's prototype property.

* bytecompiler/NodesCodegen.cpp:
(JSC::ClassExprNode::emitBytecode):
* runtime/FunctionConstructor.cpp:
(JSC::constructWithFunctionConstructor):
(JSC::constructFunction):
(JSC::constructFunctionSkippingEvalEnabledCheck):
* runtime/FunctionConstructor.h:
* runtime/JSFunction.cpp:
(JSC::JSFunction::create):
* runtime/JSFunction.h:
(JSC::JSFunction::createImpl):
* runtime/JSFunctionInlines.h:
(JSC::JSFunction::createWithInvalidatedReallocationWatchpoint):
(JSC::JSFunction::JSFunction): Deleted.
* tests/stress/class-subclassing-function.js: Added.

LayoutTests:

Rebasline tests with the new clearer error message.

* js/class-syntax-extends-expected.txt:
* js/script-tests/class-syntax-extends.js:

git-svn-id: https://svn.webkit.org/repository/webkit/trunk@195070 268f45cc-cd09-0410-ab3c-d52691b4dbfc

4 years agoASSERTION FAILED: !newRelayoutRoot.container() || !newRelayoutRoot.container()->needs...
zalan@apple.com [Thu, 14 Jan 2016 20:09:51 +0000 (20:09 +0000)]
ASSERTION FAILED: !newRelayoutRoot.container() || !newRelayoutRoot.container()->needsLayout() in WebCore::FrameView::scheduleRelayoutOfSubtree
https://bugs.webkit.org/show_bug.cgi?id=151605#c1

Reviewed by David Hyatt.

Do not let RenderMultiColumnSet/RenderFlowThread mark ancestors dirty while updating scrollbars
for overflow content. While updating scrollbars, we only layout descendants so marking parents dirty
is unnecessary and could lead to an invalid dirty state.

Source/WebCore:

Test: fast/multicol/body-stuck-with-dirty-bit-with-columns.html

* rendering/RenderBlockFlow.cpp:
(WebCore::RenderBlockFlow::layoutSpecialExcludedChild):
* rendering/RenderFlowThread.cpp:
(WebCore::RenderFlowThread::invalidateRegions):
* rendering/RenderFlowThread.h:
* rendering/RenderMultiColumnSet.cpp:
(WebCore::RenderMultiColumnSet::prepareForLayout):

LayoutTests:

* fast/multicol/body-stuck-with-dirty-bit-with-columns-expected.txt: Added.
* fast/multicol/body-stuck-with-dirty-bit-with-columns.html: Added.

git-svn-id: https://svn.webkit.org/repository/webkit/trunk@195069 268f45cc-cd09-0410-ab3c-d52691b4dbfc

4 years agoAvoid downloading the wrong image for <picture> elements.
hyatt@apple.com [Thu, 14 Jan 2016 19:13:26 +0000 (19:13 +0000)]
Avoid downloading the wrong image for <picture> elements.
https://bugs.webkit.org/show_bug.cgi?id=153027

Reviewed by Dean Jackson.

Source/WebCore:

Added test in fast/picture.

* html/HTMLImageElement.cpp:
(WebCore::HTMLImageElement::HTMLImageElement):
(WebCore::HTMLImageElement::~HTMLImageElement):
(WebCore::HTMLImageElement::createForJSConstructor):
(WebCore::HTMLImageElement::bestFitSourceFromPictureElement):
(WebCore::HTMLImageElement::insertedInto):
(WebCore::HTMLImageElement::removedFrom):
(WebCore::HTMLImageElement::pictureElement):
(WebCore::HTMLImageElement::setPictureElement):
(WebCore::HTMLImageElement::width):
* html/HTMLImageElement.h:
(WebCore::HTMLImageElement::hasShadowControls):
* html/HTMLPictureElement.h:
* html/parser/HTMLConstructionSite.cpp:
(WebCore::HTMLConstructionSite::createHTMLElement):
* html/parser/HTMLPreloadScanner.cpp:
(WebCore::TokenPreloadScanner::StartTagScanner::processAttribute):

Images that are built underneath a <picture> element are now connected
to that picture element via a setPictureNode call from the parser. This
ensures that the correct <source> elements are examined before checking the image.

This connection between images and their picture owners is handled using a static
HashMap in HTMLImageElement. This connection is made both from the parser and from
DOM insertions, and the map is queried now instead of looking directly at the
image's parentNode().

LayoutTests:

* fast/picture/image-picture-loads-1x-expected.txt: Added.
* fast/picture/image-picture-loads-1x.html: Added.

git-svn-id: https://svn.webkit.org/repository/webkit/trunk@195064 268f45cc-cd09-0410-ab3c-d52691b4dbfc

4 years agoUse a 2px border radius instead to look good on 2x devices as well as 1x.
timothy@apple.com [Thu, 14 Jan 2016 19:05:07 +0000 (19:05 +0000)]
Use a 2px border radius instead to look good on 2x devices as well as 1x.

* wp-content/themes/webkit/style.css:
(.timeline .time):

git-svn-id: https://svn.webkit.org/repository/webkit/trunk@195063 268f45cc-cd09-0410-ab3c-d52691b4dbfc

4 years agoAdd a unit test to test BuildbotQueueView._appendPendingRevisionCount. https://bugs...
jmarcell@apple.com [Thu, 14 Jan 2016 19:01:36 +0000 (19:01 +0000)]
Add a unit test to test BuildbotQueueView._appendPendingRevisionCount. https://bugs.webkit.org/show_bug.cgi?id=152910

Reviewed by Daniel Bates.

* BuildSlaveSupport/build.webkit.org-config/public_html/dashboard/Scripts/tests/MockBuildbotQueue.js: Added.
(MockBuildbotQueue): Added. Mock BuildbotQueue object that doesn't need to talk to an actual Buildbot server.
* BuildSlaveSupport/build.webkit.org-config/public_html/dashboard/Scripts/tests/MockBuildbotQueueView.js: Added.
(MockBuildbotQueueView): Added. Mock BuildbotQueueView object that returns a pre-specified _latestProductiveIteration without
the need to talk to a real Buildbot server.
(MockBuildbotQueueView.prototype._latestProductiveIteration): Added. Returns a pre-specified _latestProductiveIteration
without the need to talk to a real Buildbot server.
* BuildSlaveSupport/build.webkit.org-config/public_html/dashboard/Scripts/tests/MockTrac.js: Added.
(MockTrac): Added. Mock Trac constructor that has pre-populated "recordedCommits" and does not need to talk to a real Trac
server.
(MockTrac.prototype.get oldestRecordedRevisionNumber): Added. Returns a pre-specified revision.
(MockTrac.prototype.get latestRecordedRevisionNumber): Ditto.
(MockTrac.prototype.loadMoreHistoricalData): Added. Overrides the real loadMoreHistoricalData so that we don't waste time
trying to talk to Trac.
* BuildSlaveSupport/build.webkit.org-config/public_html/dashboard/Scripts/tests/index.html: Added. Web page container for
QUnit unit tests.
* BuildSlaveSupport/build.webkit.org-config/public_html/dashboard/Scripts/tests/tests.js: Added. QUnit unit tests.

git-svn-id: https://svn.webkit.org/repository/webkit/trunk@195062 268f45cc-cd09-0410-ab3c-d52691b4dbfc

4 years agoFix hairline crack on 1x devices between arrow and time label.
timothy@apple.com [Thu, 14 Jan 2016 19:00:45 +0000 (19:00 +0000)]
Fix hairline crack on 1x devices between arrow and time label.

* wp-content/themes/webkit/style.css:
(.timeline .content):
(.timeline .time):

git-svn-id: https://svn.webkit.org/repository/webkit/trunk@195061 268f45cc-cd09-0410-ab3c-d52691b4dbfc

4 years agoMove streams/webkitGetUserMedia-shadowing-then.html to fast/mediastream
youenn.fablet@crf.canon.fr [Thu, 14 Jan 2016 18:18:19 +0000 (18:18 +0000)]
Move streams/webkitGetUserMedia-shadowing-then.html to fast/mediastream
https://bugs.webkit.org/show_bug.cgi?id=152973

Reviewed by Brent Fulgham.

Moved the test, made it asynchronous to ensure that the error callback is called.

* fast/mediastream/webkitGetUserMedia-shadowing-then-expected.txt: Renamed from LayoutTests/streams/webkitGetUserMedia-shadowing-then-expected.txt.
* fast/mediastream/webkitGetUserMedia-shadowing-then.html: Renamed from LayoutTests/streams/webkitGetUserMedia-shadowing-then.html.

git-svn-id: https://svn.webkit.org/repository/webkit/trunk@195060 268f45cc-cd09-0410-ab3c-d52691b4dbfc

4 years agoUnreviewed, rolling out r195002.
commit-queue@webkit.org [Thu, 14 Jan 2016 17:50:12 +0000 (17:50 +0000)]
Unreviewed, rolling out r195002.
https://bugs.webkit.org/show_bug.cgi?id=153098

Crashes many/most editing tests (Requested by ap on #webkit).

Reverted changeset:

"WK2: Request completion candidates when needed"
https://bugs.webkit.org/show_bug.cgi?id=153040
http://trac.webkit.org/changeset/195002

git-svn-id: https://svn.webkit.org/repository/webkit/trunk@195059 268f45cc-cd09-0410-ab3c-d52691b4dbfc

4 years ago[GTK] [EFL] Hyphenation can never work in practice due to requirements on lang tags
commit-queue@webkit.org [Thu, 14 Jan 2016 17:32:24 +0000 (17:32 +0000)]
[GTK] [EFL] Hyphenation can never work in practice due to requirements on lang tags
https://bugs.webkit.org/show_bug.cgi?id=147310

Patch by Martin Robinson <mrobinson@igalia.com> on 2016-01-14
Reviewed by Michael Catanzaro.

Source/WebCore:

Test: platform/gtk/fast/text/hyphenate-flexible-locales.html

* platform/text/hyphen/HyphenationLibHyphen.cpp: Make locale matching for dictionary
selection a lot looser by matching case insensitively, matching multiple dictionaries
when only the language is specified, and ignoring the difference between '_' and '-' in
the locale name.
(WebCore::scanDirectoryForDicionaries): Now produce HashMap of Vectors instead of a single
path for each locale. Also add alternate entries to handle different ways of specifying
the locale.
(WebCore::scanTestDictionariesDirectoryIfNecessary): Update to handle the difference
in HashMap type.
(WebCore::availableLocales): Ditto.
(WebCore::canHyphenate): Also look for the lowercased version of the locale.
(WebCore::AtomicStringKeyedMRUCache<RefPtr<HyphenationDictionary>>::createValueForKey):
Key on the dictionary path now so that we can load more than one dictionary per locale.
(WebCore::lastHyphenLocation): Iterate through each matched dictionary in turn.

LayoutTests:

Update some baselines and add a GTK+ specific test for locale variations.

* platform/gtk/fast/text/hyphenate-flexible-locales-expected.html: Added.
* platform/gtk/fast/text/hyphenate-flexible-locales.html: Added.
* platform/gtk/fast/text/hyphenate-locale-expected.png: We now properly hyphenate
text with the 'en' locale.
* platform/gtk/fast/text/hyphenate-locale-expected.txt:

git-svn-id: https://svn.webkit.org/repository/webkit/trunk@195058 268f45cc-cd09-0410-ab3c-d52691b4dbfc

4 years ago[CMake][GTK] CMake Error: Could not create named generator Eclipse CDT4 - Ninja
commit-queue@webkit.org [Thu, 14 Jan 2016 16:31:58 +0000 (16:31 +0000)]
[CMake][GTK] CMake Error: Could not create named generator Eclipse CDT4 - Ninja
https://bugs.webkit.org/show_bug.cgi?id=132599

Patch by Nikos Andronikos <nikos.andronikos-webkit@cisra.canon.com.au> on 2016-01-14
Reviewed by Michael Catanzaro.

Check if cmake Ninja generators are installed.

* Scripts/webkitdirs.pm:
(canUseNinjaGenerator):
(canUseEclipseNinjaGenerator):
(generateBuildSystemFromCMakeProject):
(canUseEclipse): Deleted.

git-svn-id: https://svn.webkit.org/repository/webkit/trunk@195057 268f45cc-cd09-0410-ab3c-d52691b4dbfc

4 years ago[EFL][GTK][SeccompFilter] Fix build break when enabling --seccomp-filters
gyuyoung.kim@webkit.org [Thu, 14 Jan 2016 14:42:22 +0000 (14:42 +0000)]
[EFL][GTK][SeccompFilter] Fix build break when enabling --seccomp-filters
https://bugs.webkit.org/show_bug.cgi?id=153094

Reviewed by Csaba Osztrogonác.

diskCacheDirectory and cookiePersistentStoragePath were removed by r192796.
But SyscallPolicy::addDefaultWebProcessPolicy has added directory permission
to the removed paths.

It looks two paths needs to be handled by network process.

* Shared/linux/SeccompFilters/SyscallPolicy.cpp:
(WebKit::SyscallPolicy::addDefaultWebProcessPolicy): Deleted.

git-svn-id: https://svn.webkit.org/repository/webkit/trunk@195056 268f45cc-cd09-0410-ab3c-d52691b4dbfc

4 years agoPart 2/2: Stop using USE(CFNETWORK) path on iOS
ddkilzer@apple.com [Thu, 14 Jan 2016 12:04:58 +0000 (12:04 +0000)]
Part 2/2: Stop using USE(CFNETWORK) path on iOS
<https://webkit.org/b/142540>

Original patch by Antti Koivisto <antti@apple.com> on 2015-03-10
Reviewed by Chris Dumez.

* wtf/Platform.h: Turn off USE(CFNETWORK) for PLATFORM(IOS).

git-svn-id: https://svn.webkit.org/repository/webkit/trunk@195035 268f45cc-cd09-0410-ab3c-d52691b4dbfc

4 years ago[Win] Remove workarounds for fixed bugs in fmod and pow.
peavo@outlook.com [Thu, 14 Jan 2016 08:50:23 +0000 (08:50 +0000)]
[Win] Remove workarounds for fixed bugs in fmod and pow.
https://bugs.webkit.org/show_bug.cgi?id=153071

Reviewed by Brent Fulgham.

Source/WebCore:

Compile fix, help MSVC pick correct pow overload.

* rendering/shapes/BoxShape.cpp:
(WebCore::adjustRadiusForMarginBoxShape):

Source/WTF:

The bugs have been fixed in the MSVC CRT, and we can remove the workarounds.

* wtf/MathExtras.h:
(wtf_fmod): Deleted.
(wtf_pow): Deleted.

git-svn-id: https://svn.webkit.org/repository/webkit/trunk@195011 268f45cc-cd09-0410-ab3c-d52691b4dbfc

4 years agoFix problems with cross-origin redirects
youenn.fablet@crf.canon.fr [Thu, 14 Jan 2016 08:39:13 +0000 (08:39 +0000)]
Fix problems with cross-origin redirects
https://bugs.webkit.org/show_bug.cgi?id=116075

Reviewed by Daniel Bates.

LayoutTests/imported/w3c:

Rebasing test expectations.
These tests cannot work as expected as WTR/DRT block access to www2.localhost and example.not.

* web-platform-tests/XMLHttpRequest/send-redirect-bogus-expected.txt:
* web-platform-tests/XMLHttpRequest/send-redirect-to-cors-expected.txt:
* web-platform-tests/XMLHttpRequest/send-redirect-to-non-cors-expected.txt:

Source/WebCore:

Merging https://chromium.googlesource.com/chromium/blink/+/7ea774e478f84f355748108d2aaabca15355d512 by Ken Russell
Same origin redirect responses leading to cross-origin requests were checked as cross-origin redirect responses.
Introduced ClientRequestedCredentials to manage whether credentials are needed or not in the cross-origin request.

In addition to Blink patch, it was needed to update some loaders with the newly introduced ClientRequestedCredentials parameter.
Added the clearing of "Accept-Encoding" header from cross-origin requests as Mac HTTP network layer is adding it for same-origin requests.

Test: http/tests/xmlhttprequest/access-control-and-redirects-async-same-origin.html

* loader/DocumentLoader.cpp:
(WebCore::DocumentLoader::startLoadingMainResource): Added new security parameter (from Blink patch).
* loader/DocumentThreadableLoader.cpp:
(WebCore::DocumentThreadableLoader::redirectReceived): Updated checks so that same origin redirections are not treated as cross origin redirections (from Blink patch).
* loader/MediaResourceLoader.cpp:
(WebCore::MediaResourceLoader::start):
* loader/NetscapePlugInStreamLoader.cpp:
(WebCore::NetscapePlugInStreamLoader::NetscapePlugInStreamLoader): Added new security parameter.
* loader/ResourceLoaderOptions.h:
(WebCore::ResourceLoaderOptions::ResourceLoaderOptions): Added new security parameter (from Blink patch).
(WebCore::ResourceLoaderOptions::credentialRequest):
(WebCore::ResourceLoaderOptions::setCredentialRequest):
* loader/cache/CachedResourceLoader.cpp:
(WebCore::CachedResourceLoader::requestUserCSSStyleSheet): Ditto.
(WebCore::CachedResourceLoader::defaultCachedResourceOptions): Ditto.
* loader/icon/IconLoader.cpp:
(WebCore::IconLoader::startLoading): Added new security parameter.
* page/EventSource.cpp:
(WebCore::EventSource::connect): Added new security parameter (from Blink patch).
* platform/graphics/avfoundation/cf/WebCoreAVCFResourceLoader.cpp:
(WebCore::WebCoreAVCFResourceLoader::startLoading): Added new security parameter.
* platform/graphics/avfoundation/objc/WebCoreAVFResourceLoader.mm:
(WebCore::WebCoreAVFResourceLoader::startLoading): Ditto.
* platform/network/ResourceHandleTypes.h: Added new security parameter constants (from Blink patch).
* platform/network/ResourceRequestBase.cpp:
(WebCore::ResourceRequestBase::clearHTTPAcceptEncoding): Function to remove "Accept-Encoding" header.
* platform/network/ResourceRequestBase.h: Ditto.
* xml/XMLHttpRequest.cpp:
(WebCore::XMLHttpRequest::createRequest): Added new security parameter.

LayoutTests:

Merging https://chromium.googlesource.com/chromium/blink/+/7ea774e478f84f355748108d2aaabca15355d512 by Ken Russell
This merge adds tests for cross origin requests triggered from same origin redirection responses with and without credentials).
Rebaseline of some tests due to console error messages generated from newly hit CORS checks.

* TestExpectations: Disabled WPT tests that require access to non localhost URLs which are currently blocked by DTR/WTR.
* http/tests/xmlhttprequest/access-control-and-redirects-async-expected.txt:
* http/tests/xmlhttprequest/access-control-and-redirects-async-same-origin-expected.txt: Added.
* http/tests/xmlhttprequest/access-control-and-redirects-async-same-origin.html: Added.
* http/tests/xmlhttprequest/access-control-and-redirects-async.html:
* http/tests/xmlhttprequest/access-control-and-redirects-expected.txt:
* http/tests/xmlhttprequest/access-control-and-redirects.html:
* http/tests/xmlhttprequest/redirect-cross-origin-2-expected.txt:
* http/tests/xmlhttprequest/redirect-cross-origin-expected.txt:
* http/tests/xmlhttprequest/redirect-cross-origin-post-expected.txt:
* http/tests/xmlhttprequest/redirect-cross-origin-tripmine-expected.txt:
* http/tests/xmlhttprequest/resources/access-control-basic-allow-no-credentials.cgi: Added.
* http/tests/xmlhttprequest/xmlhttprequest-unsafe-redirect-expected.txt:

git-svn-id: https://svn.webkit.org/repository/webkit/trunk@195010 268f45cc-cd09-0410-ab3c-d52691b4dbfc

4 years ago[CMake] Do not use LLVM static libraries for FTL JIT
carlosgc@webkit.org [Thu, 14 Jan 2016 07:34:09 +0000 (07:34 +0000)]
[CMake] Do not use LLVM static libraries for FTL JIT
https://bugs.webkit.org/show_bug.cgi?id=151559

Reviewed by Michael Catanzaro.

.:

Also export LLVM_LIBRARIES variable that can be used to prefer
linking to the llvm dynamic libraries.

* Source/cmake/FindLLVM.cmake:

Source/JavaScriptCore:

Allow ports decide whether to prefer linking to llvm static or
dynamic libraries. This patch only changes the behavior of the GTK
port, other ports can change the default behavior by setting
llvmForJSC_LIBRARIES in their platform specific cmake files.

* CMakeLists.txt: Move llvmForJSC library definition after the
WEBKIT_INCLUDE_CONFIG_FILES_IF_EXISTS, to allow platform specific
files to set their own llvmForJSC_LIBRARIES. When not set, it
defaults to LLVM_STATIC_LIBRARIES. The command to create
WebKitLLVMLibraryToken.h no longer depends on the static
libraries, since we are going to make the build fail anyway when
not found in case of linking to the static libraries. If platform
specific file defined llvmForJSC_INSTALL_DIR llvmForJSC is also
installed to the given destination.
* PlatformGTK.cmake: Set llvmForJSC_LIBRARIES and
llvmForJSC_INSTALL_DIR.

git-svn-id: https://svn.webkit.org/repository/webkit/trunk@195009 268f45cc-cd09-0410-ab3c-d52691b4dbfc

4 years agoCorrect some history timeline styles.
timothy@apple.com [Thu, 14 Jan 2016 07:00:06 +0000 (07:00 +0000)]
Correct some history timeline styles.

* wp-content/themes/webkit/style.css:
(.timeline .content):

git-svn-id: https://svn.webkit.org/repository/webkit/trunk@195008 268f45cc-cd09-0410-ab3c-d52691b4dbfc

4 years agoAdd styles for a history timeline, needed by an upcoming blog post.
timothy@apple.com [Thu, 14 Jan 2016 06:49:05 +0000 (06:49 +0000)]
Add styles for a history timeline, needed by an upcoming blog post.

* wp-content/themes/webkit/style.css:
(.timeline):
(.timeline:after):
(.timeline *):
(.timeline:before):
(.timeline > li):
(.timeline > li:before):
(.timeline .content):
(.timeline figure):
(.timeline .time):
(.timeline h2, .timeline h3):
(.timeline .time::before):
(.timeline img):
(@media (min-width: 900px)):
(.timeline > li.force-clear):
(.timeline > li:nth-child(odd)):
(.timeline > li:nth-child(even)):
(.timeline > li.force-clear + li):
(.timeline li .time):
(.timeline li:nth-child(odd) .time):
(.timeline li:nth-child(even) .time):
(.timeline li:nth-child(even) .time::before):
(.timeline > li:nth-child(even):before):

git-svn-id: https://svn.webkit.org/repository/webkit/trunk@195007 268f45cc-cd09-0410-ab3c-d52691b4dbfc

4 years agoAddressing more post-review comments after r194566
mmaxfield@apple.com [Thu, 14 Jan 2016 06:22:24 +0000 (06:22 +0000)]
Addressing more post-review comments after r194566

Unreviewed.

No new tests because there is no behavior change.

* platform/text/mac/TextBreakIteratorInternalICUMac.mm:
(WebCore::topLanguagePreference):

git-svn-id: https://svn.webkit.org/repository/webkit/trunk@195006 268f45cc-cd09-0410-ab3c-d52691b4dbfc

4 years agoImplement custom protocols when using NetworkSession
commit-queue@webkit.org [Thu, 14 Jan 2016 02:43:48 +0000 (02:43 +0000)]
Implement custom protocols when using NetworkSession
https://bugs.webkit.org/show_bug.cgi?id=153078

Patch by Alex Christensen <achristensen@webkit.org> on 2016-01-13
Reviewed by Andy Estes.

Source/WebCore:

No new tests, but this makes the WebKit2CustomProtocolsTest api tests pass when using NetworkSession.

* WebCore.xcodeproj/project.pbxproj:
Make NSURLConnectionSPI.h private so we can include it from within WebKit2.

Source/WebKit2:

* NetworkProcess/CustomProtocols/Cocoa/CustomProtocolManagerCocoa.mm:
(WebKit::generateCustomProtocolID):
(+[WKCustomProtocol canInitWithRequest:]):
(+[WKCustomProtocol canonicalRequestForRequest:]):
(-[WKCustomProtocol initWithRequest:cachedResponse:client:]):
(-[WKCustomProtocol startLoading]):
(-[WKCustomProtocol stopLoading]):
There's no need to have a static pointer when we can use NetworkProcess::singleton to access
the process-global CustomProtocolManager, and add null checks because that's a good thing to do.
(WebKit::CustomProtocolManager::CustomProtocolManager):
Call UTF8Encoding when creating the CustomProtocolManager on the main thread to make sure it exists
for when we decode URLS in ResourceResponses from IPC later, which is done on a different WorkQueue.
(WebKit::CustomProtocolManager::initializeConnection):
(WebKit::CustomProtocolManager::initialize):
(WebKit::CustomProtocolManager::removeCustomProtocol):
(WebKit::CustomProtocolManager::registerProtocolClass):
(WebKit::CustomProtocolManager::registerScheme):
* NetworkProcess/CustomProtocols/CustomProtocolManager.h:
* NetworkProcess/cocoa/NetworkSessionCocoa.mm:
(WebKit::NetworkSession::NetworkSession):
Call registerProtocolClass to set configuration.protocolClasses if there is a CustomProtocolManager.

git-svn-id: https://svn.webkit.org/repository/webkit/trunk@195005 268f45cc-cd09-0410-ab3c-d52691b4dbfc

4 years agoCross-protocol, cross-site scripting (XPSS) using HTML forms
bfulgham@apple.com [Thu, 14 Jan 2016 01:29:17 +0000 (01:29 +0000)]
Cross-protocol, cross-site scripting (XPSS) using HTML forms
https://bugs.webkit.org/show_bug.cgi?id=153017
<rdar://problem/5873254>

Reviewed by David Kilzer.

* loader/DocumentLoader.cpp:
(WebCore::DocumentLoader::responseReceived): If response HTTP version is 0.9,
sandbox against script execution and plugins.
* loader/ResourceLoader.cpp:
(WebCore::ResourceLoader::didReceiveResponse): Ditto.
* loader/SubresourceLoader.cpp:
(WebCore::SubresourceLoader::didReceiveResponse): Ditto.
* platform/network/ResourceResponseBase.cpp:
(WebCore::ResourceResponseBase::adopt): Update for HTTP version.
(WebCore::ResourceResponseBase::copyData): Ditto.
(WebCore::ResourceResponseBase::httpVersion): Added.
(WebCore::ResourceResponseBase::setHTTPVersion): Ditto.
* platform/network/ResourceResponseBase.h:
(WebCore::ResourceResponseBase::encode): Update for HTTP version.
(WebCore::ResourceResponseBase::decode): Ditto.
* platform/network/cf/ResourceResponseCFNet.cpp:
(WebCore::ResourceResponse::platformLazyInit): Capture HTTP version.
* platform/network/cocoa/ResourceResponseCocoa.mm:
(WebCore::ResourceResponse::platformLazyInit): Ditto.

git-svn-id: https://svn.webkit.org/repository/webkit/trunk@195004 268f45cc-cd09-0410-ab3c-d52691b4dbfc

4 years agoMarking test as flaky: sputnik/Conformance/15_Native_Objects/15.1_The_Global_Object...
ryanhaddad@apple.com [Thu, 14 Jan 2016 01:12:46 +0000 (01:12 +0000)]
Marking test as flaky: sputnik/Conformance/15_Native_Objects/15.1_The_Global_Object/15.1.3/15.1.3.3_encodeURI/S15.1.3.3_A2.4_T2.html
https://bugs.webkit.org/show_bug.cgi?id=153086

Unreviewed test gardening.

* platform/mac/TestExpectations:

git-svn-id: https://svn.webkit.org/repository/webkit/trunk@195003 268f45cc-cd09-0410-ab3c-d52691b4dbfc

4 years agoWK2: Request completion candidates when needed
bdakin@apple.com [Thu, 14 Jan 2016 01:03:01 +0000 (01:03 +0000)]
WK2: Request completion candidates when needed
https://bugs.webkit.org/show_bug.cgi?id=153040
-and corresponding-
rdar://problem/24155631

Reviewed by Enrica Casucci.

Source/WebCore:

Helper functions for stringForCandidateRequest() and
handleAcceptedCandidate()
* editing/Editor.cpp:
(WebCore::candidateRangeForSelection):
(WebCore::candidateWouldReplaceText):

Request candidates for the word that is currently being typed so long as the
candidate would replace that word. Otherwise, use String().
(WebCore::Editor::stringForCandidateRequest):

When a candidate has been accepted, insert the text.
(WebCore::Editor::handleAcceptedCandidate):
* editing/Editor.h:

Source/WebKit2:

Mac needs to support postLayoutData in order to have some layout-related
editing information to request candidates. This patch re-shuffles some items
in the struct so that they can be shared by Mac and iOS, and it adds 3 new
items for Mac only.
* Shared/EditorState.cpp:
(WebKit::EditorState::encode):
(WebKit::EditorState::decode):
(WebKit::EditorState::PostLayoutData::encode):
(WebKit::EditorState::PostLayoutData::decode):
* Shared/EditorState.h:

Request and handle candidates here in WebViewImpl, and cache the
m_lastStringForCandidateRequest so that we can ensure the results we receive
were received in a timely enough manner that they are still for the same
String.
* UIProcess/Cocoa/WebViewImpl.h:
* UIProcess/Cocoa/WebViewImpl.mm:
(WebKit::WebViewImpl::selectionDidChange):

When selection changes, request new candidates.
(WebKit::WebViewImpl::requestCandidatesForSelectionIfNeeded):

Once candidates have been received, we ask the sharedSpellChecker to show
them.
(WebKit::WebViewImpl::handleRequestedCandidates):

If a candidate is accepted, we ask the WebProcess to accept it, so we start
by converting the NSTextCheckingResult to a WebCore::TextCheckingResult.
(WebKit::textCheckingResultFromNSTextCheckingResult):
(WebKit::WebViewImpl::handleAcceptedCandidate):

Ask the WebProcess to handle accepting the candidate.
* UIProcess/WebPageProxy.cpp:
(WebKit::WebPageProxy::handleAcceptedCandidate):
* UIProcess/WebPageProxy.h:
* WebProcess/WebPage/WebPage.h:
(WebKit::WebPage:: handleAcceptedCandidate):
* WebProcess/WebPage/WebPage.messages.in:

Now that Mac has some postLayoutData in the EditorState, fill that in in
platformEditorState().
* WebProcess/WebPage/mac/WebPageMac.mm:
(WebKit::WebPage::platformEditorState):

Ask WebCore::Editor to handle the accepted candidate.
(WebKit::WebPage::handleAcceptedCandidate):

LayoutTests:

Getting updated EditorState in platformEditorState causes some extra layout
to happen, so now the layout test results for WK2 reflect the results that we
already see on iOS for this test and they reflect the render tree as it is
when you load the page in browser.
* platform/mac/fast/dom/focus-contenteditable-expected.txt:

WebKit 1 is not affected by these new results, so this adds WK-1 only results
that match the old Mac results.
* platform/mac-wk1/fast/dom: Added.
* platform/mac-wk1/fast/dom/focus-contenteditable-expected.txt: Added.

git-svn-id: https://svn.webkit.org/repository/webkit/trunk@195002 268f45cc-cd09-0410-ab3c-d52691b4dbfc

4 years agoAddressing post-review comments after r194566
mmaxfield@apple.com [Thu, 14 Jan 2016 00:29:55 +0000 (00:29 +0000)]
Addressing post-review comments after r194566

Unreviewed.

No new tests because there is no behavior difference.

* platform/text/mac/TextBreakIteratorInternalICUMac.mm:
(WebCore::textBreakLocalePreference):
(WebCore::topLanguagePreference):
(WebCore::getSearchLocale):
(WebCore::getTextBreakLocale):
(WebCore::canonicalLanguageIdentifier): Deleted.

git-svn-id: https://svn.webkit.org/repository/webkit/trunk@195001 268f45cc-cd09-0410-ab3c-d52691b4dbfc

4 years agoNativeExecutable should have a name field
sbarati@apple.com [Thu, 14 Jan 2016 00:28:40 +0000 (00:28 +0000)]
NativeExecutable should have a name field
https://bugs.webkit.org/show_bug.cgi?id=153083

Reviewed by Geoffrey Garen.

This is going to help the SamplingProfiler come up
with names for NativeExecutable objects it encounters.

* jit/JITThunks.cpp:
(JSC::JITThunks::finalize):
(JSC::JITThunks::hostFunctionStub):
* jit/JITThunks.h:
* runtime/Executable.h:
* runtime/JSBoundFunction.cpp:
(JSC::JSBoundFunction::create):
* runtime/JSFunction.cpp:
(JSC::JSFunction::create):
(JSC::JSFunction::lookUpOrCreateNativeExecutable):
* runtime/JSFunction.h:
(JSC::JSFunction::createImpl):
* runtime/JSNativeStdFunction.cpp:
(JSC::JSNativeStdFunction::create):
* runtime/VM.cpp:
(JSC::thunkGeneratorForIntrinsic):
(JSC::VM::getHostFunction):
* runtime/VM.h:
(JSC::VM::getCTIStub):
(JSC::VM::exceptionOffset):

git-svn-id: https://svn.webkit.org/repository/webkit/trunk@195000 268f45cc-cd09-0410-ab3c-d52691b4dbfc

4 years agoformaction must return document's address when formaction is missing
rniwa@webkit.org [Thu, 14 Jan 2016 00:04:56 +0000 (00:04 +0000)]
formaction must return document's address when formaction is missing
https://bugs.webkit.org/show_bug.cgi?id=148874

Reviewed by Chris Dumez.

LayoutTests/imported/w3c:

Rebaselined the tests now that more test cases are passing.

* web-platform-tests/html/semantics/forms/attributes-common-to-form-controls/formAction_document_address-expected.txt:
* web-platform-tests/html/semantics/forms/attributes-common-to-form-controls/formaction-expected.txt:

Source/WebCore:

Fixed the bug by falling back to document.url() when the attribute is not set or is empty in formAction getter.

Test: fast/forms/formaction-attribute-with-empty-value.html

* html/HTMLButtonElement.idl:
* html/HTMLFormControlElement.cpp:
(WebCore::HTMLFormControlElement::formAction): Added.
(WebCore::HTMLFormControlElement::setFormAction): Added.
* html/HTMLFormControlElement.h:
* html/HTMLInputElement.idl:

LayoutTests:

Added a regression test and rebaselined imported W3C tests.

* fast/forms/formaction-attribute-with-empty-value-expected.txt: Added.
* fast/forms/formaction-attribute-with-empty-value.html: Added.
* fast/forms/submit-form-attributes-expected.txt:
* fast/forms/submit-form-attributes.html:

git-svn-id: https://svn.webkit.org/repository/webkit/trunk@194999 268f45cc-cd09-0410-ab3c-d52691b4dbfc

4 years ago[ES6] Support subclassing the String builtin object
keith_miller@apple.com [Wed, 13 Jan 2016 23:45:14 +0000 (23:45 +0000)]
[ES6] Support subclassing the String builtin object
https://bugs.webkit.org/show_bug.cgi?id=153068

Reviewed by Michael Saboff.

This patch adds subclassing of strings. Also, this patch fixes a bug where we could have
the wrong indexing type for builtins constructed without storage.

* runtime/PrototypeMap.cpp:
(JSC::PrototypeMap::emptyStructureForPrototypeFromBaseStructure):
* runtime/StringConstructor.cpp:
(JSC::constructWithStringConstructor):
* tests/stress/class-subclassing-string.js: Added.
(test):

git-svn-id: https://svn.webkit.org/repository/webkit/trunk@194998 268f45cc-cd09-0410-ab3c-d52691b4dbfc

4 years ago[Cocoa] Testing with font family name "System Font" is unused
mmaxfield@apple.com [Wed, 13 Jan 2016 23:31:08 +0000 (23:31 +0000)]
[Cocoa] Testing with font family name "System Font" is unused
https://bugs.webkit.org/show_bug.cgi?id=153073
<rdar://problem/24091683>

Reviewed by Brent Fulgham.

* DumpRenderTree/mac/DumpRenderTree.mm:
(allowedFontFamilySet): Deleted.
* WebKitTestRunner/InjectedBundle/cocoa/ActivateFontsCocoa.mm:
(WTR::allowedFontFamilySet): Deleted.
* WebKitTestRunner/mac/TestControllerMac.mm:
(WTR::allowedFontFamilySet): Deleted.

git-svn-id: https://svn.webkit.org/repository/webkit/trunk@194997 268f45cc-cd09-0410-ab3c-d52691b4dbfc

4 years agoThe StringFromCharCode DFG intrinsic should support untyped operands.
mark.lam@apple.com [Wed, 13 Jan 2016 23:28:38 +0000 (23:28 +0000)]
The StringFromCharCode DFG intrinsic should support untyped operands.
https://bugs.webkit.org/show_bug.cgi?id=153046

Reviewed by Geoffrey Garen.

Source/JavaScriptCore:

The current StringFromCharCode DFG intrinsic assumes that its operand charCode
must be an Int32.  This results in 26000+ BadType OSR exits in the LongSpider
crypto-aes benchmark.  With support for Untyped operands, the number of OSR
exits drops to 202.

* dfg/DFGClobberize.h:
(JSC::DFG::clobberize):
* dfg/DFGFixupPhase.cpp:
(JSC::DFG::FixupPhase::fixupNode):
* dfg/DFGOperations.cpp:
* dfg/DFGOperations.h:
* dfg/DFGSpeculativeJIT.cpp:
(JSC::DFG::SpeculativeJIT::compileFromCharCode):
* dfg/DFGSpeculativeJIT.h:
(JSC::DFG::SpeculativeJIT::callOperation):
* dfg/DFGValidate.cpp:
(JSC::DFG::Validate::validate):
* runtime/JSCJSValueInlines.h:
(JSC::JSValue::toUInt32):

LayoutTests:

* js/regress/ftl-polymorphic-StringFromCharCode-expected.txt: Added.
* js/regress/ftl-polymorphic-StringFromCharCode.html: Added.
* js/regress/script-tests/ftl-polymorphic-StringFromCharCode.js: Added.
(o1.valueOf):
(foo):

git-svn-id: https://svn.webkit.org/repository/webkit/trunk@194996 268f45cc-cd09-0410-ab3c-d52691b4dbfc

4 years ago[GTK] Add comments above options declarations in OptionsGTK.cmake
mcatanzaro@igalia.com [Wed, 13 Jan 2016 23:06:20 +0000 (23:06 +0000)]
[GTK] Add comments above options declarations in OptionsGTK.cmake
https://bugs.webkit.org/show_bug.cgi?id=153074

Reviewed by Martin Robinson.

* Source/cmake/OptionsGTK.cmake:

git-svn-id: https://svn.webkit.org/repository/webkit/trunk@194988 268f45cc-cd09-0410-ab3c-d52691b4dbfc

4 years agoUnreviewed, rolling out r194900.
cdumez@apple.com [Wed, 13 Jan 2016 23:00:14 +0000 (23:00 +0000)]
Unreviewed, rolling out r194900.

Roll back in as this did not actually regress PLT

Reverted changeset:

"Unreviewed, rolling out r194826."
https://bugs.webkit.org/show_bug.cgi?id=153020
http://trac.webkit.org/changeset/194900

git-svn-id: https://svn.webkit.org/repository/webkit/trunk@194987 268f45cc-cd09-0410-ab3c-d52691b4dbfc

4 years agoWebKit2 should have an API for eagerly querying whether the web process is responsive
ggaren@apple.com [Wed, 13 Jan 2016 22:45:38 +0000 (22:45 +0000)]
WebKit2 should have an API for eagerly querying whether the web process is responsive
https://bugs.webkit.org/show_bug.cgi?id=153037

Reviewed by Tim Horton.

WebKit2 provides a delegate notification when the web process doesn't
respond to a message after a while. But there's no way to send a message
eagerly and check for reply.

We want this new mechanism so that navigation can terminate the web
process eagerly if it is hung.

* UIProcess/API/C/WKPage.cpp:
(WKPageGetWebProcessIsResponsive):
* UIProcess/API/C/WKPagePrivate.h: This is the new API.

* UIProcess/WebPageProxy.cpp:
(WebKit::WebPageProxy::sendWheelEvent): Updated for interface change.

(WebKit::WebPageProxy::getWebProcessIsResponsive): Calls through to the
web process proxy. We claim that we are responsive when there is no
web process because we assume that a fresh web process will not hang.

* UIProcess/WebPageProxy.h:

* UIProcess/WebProcessProxy.cpp:
(WebKit::WebProcessProxy::WebProcessProxy):
(WebKit::WebProcessProxy::didBecomeUnresponsive): Keep a flag indicating
whether the process is unresponsive so that we can fire unresponsiveness
callbacks immediately for a hung process instead of waiting another 3s.

(WebKit::WebProcessProxy::didBecomeResponsive): We don't fire responsiveness
callbacks inside didBecomeResponsive because we assume that a responsive
web process will invoke didReceiveMainThreadPing -- and we fire the
callbacks there.

(WebKit::WebProcessProxy::getIsResponsive): If the web process is already
known to be unresponsive, fire the callback right away. Otherwise, queue
it up to fire once we have an answer from a main thread ping.

(WebKit::WebProcessProxy::didReceiveMainThreadPing): Fire any pending
callbacks when we learn that the web process is responsive.

* UIProcess/WebProcessProxy.h:

git-svn-id: https://svn.webkit.org/repository/webkit/trunk@194986 268f45cc-cd09-0410-ab3c-d52691b4dbfc

4 years agoRemoved empty #if block from Font.h
commit-queue@webkit.org [Wed, 13 Jan 2016 22:32:55 +0000 (22:32 +0000)]
Removed empty #if block from Font.h
https://bugs.webkit.org/show_bug.cgi?id=153067

Patch by Konstantin Tokarev <annulen@yandex.ru> on 2016-01-13
Reviewed by Alex Christensen.

No new tests needed.

* platform/graphics/Font.h:
(WebCore::Font::scriptCache): Deleted.

git-svn-id: https://svn.webkit.org/repository/webkit/trunk@194985 268f45cc-cd09-0410-ab3c-d52691b4dbfc

4 years ago[GTK] Consistently use virtual and override specifiers in ScrollbarThemeGtk
mcatanzaro@igalia.com [Wed, 13 Jan 2016 22:29:01 +0000 (22:29 +0000)]
[GTK] Consistently use virtual and override specifiers in ScrollbarThemeGtk
https://bugs.webkit.org/show_bug.cgi?id=153076

Reviewed by Alex Christensen.

No behavior change.

* platform/gtk/ScrollbarThemeGtk.h:

git-svn-id: https://svn.webkit.org/repository/webkit/trunk@194984 268f45cc-cd09-0410-ab3c-d52691b4dbfc

4 years agoUse DFG Graph::binary/unaryArithShouldSpeculateInt32/MachineInt() functions consistently.
mark.lam@apple.com [Wed, 13 Jan 2016 22:21:40 +0000 (22:21 +0000)]
Use DFG Graph::binary/unaryArithShouldSpeculateInt32/MachineInt() functions consistently.
https://bugs.webkit.org/show_bug.cgi?id=153080

Reviewed by Geoffrey Garen.

We currently have Graph::mulShouldSpeculateInt32/machineInt() and
Graph::negateShouldSpeculateInt32/MachineInt() functions which are only used by
the ArithMul and ArithNegate nodes.  However, the same tests need to be done for
many other arith nodes in the DFG.  This patch renames these functions as
Graph::binaryArithShouldSpeculateInt32/machineInt() and
Graph::unaryArithShouldSpeculateInt32/MachineInt(), and uses them consistently
in the DFG.

* dfg/DFGFixupPhase.cpp:
(JSC::DFG::FixupPhase::fixupNode):
* dfg/DFGGraph.h:
(JSC::DFG::Graph::addShouldSpeculateMachineInt):
(JSC::DFG::Graph::binaryArithShouldSpeculateInt32):
(JSC::DFG::Graph::binaryArithShouldSpeculateMachineInt):
(JSC::DFG::Graph::unaryArithShouldSpeculateInt32):
(JSC::DFG::Graph::unaryArithShouldSpeculateMachineInt):
(JSC::DFG::Graph::mulShouldSpeculateInt32): Deleted.
(JSC::DFG::Graph::mulShouldSpeculateMachineInt): Deleted.
(JSC::DFG::Graph::negateShouldSpeculateInt32): Deleted.
(JSC::DFG::Graph::negateShouldSpeculateMachineInt): Deleted.
* dfg/DFGPredictionPropagationPhase.cpp:
(JSC::DFG::PredictionPropagationPhase::propagate):
(JSC::DFG::PredictionPropagationPhase::doDoubleVoting):

git-svn-id: https://svn.webkit.org/repository/webkit/trunk@194983 268f45cc-cd09-0410-ab3c-d52691b4dbfc

4 years agoCleanup: XSS Auditor should avoid re-evaluating the parsed script tag
commit-queue@webkit.org [Wed, 13 Jan 2016 21:45:07 +0000 (21:45 +0000)]
Cleanup: XSS Auditor should avoid re-evaluating the parsed script tag
https://bugs.webkit.org/show_bug.cgi?id=152870

Patch by Daniel Bates <dabates@apple.com> on 2016-01-13
Reviewed by Brent Fulgham.

Merged from Blink (patch by Tom Sepez <tsepez@chromium.org>):
<https://src.chromium.org/viewvc/blink?revision=154354&view=revision>

Although the XSS Auditor caches the decoded start tag of a script as an optimization to
avoid decoding it again when filtering the character data of the script, it is sufficient
to cache whether the HTTP response contains the decoded start tag of a script. This
avoids both decoding the start tag of a script and determining whether the HTTP response
contains it again when filtering the character data of the script. Moreover, this removes
the need to cache a string object.

* html/parser/XSSAuditor.cpp:
(WebCore::XSSAuditor::filterCharacterToken):
(WebCore::XSSAuditor::filterScriptToken):
* html/parser/XSSAuditor.h:

git-svn-id: https://svn.webkit.org/repository/webkit/trunk@194982 268f45cc-cd09-0410-ab3c-d52691b4dbfc

4 years agoWeb Inspector: Inspector should use the last sourceURL / sourceMappingURL directive
commit-queue@webkit.org [Wed, 13 Jan 2016 21:32:44 +0000 (21:32 +0000)]
Web Inspector: Inspector should use the last sourceURL / sourceMappingURL directive
https://bugs.webkit.org/show_bug.cgi?id=153072
<rdar://problem/24168312>

Patch by Joseph Pecoraro <pecoraro@apple.com> on 2016-01-13
Reviewed by Timothy Hatcher.

Source/JavaScriptCore:

* parser/Lexer.cpp:
(JSC::Lexer<T>::parseCommentDirective):
Just keep overwriting the member variable so we end up with
the last directive value.

Source/WebInspectorUI:

* UserInterface/Base/Utilities.js:
Prepend instead of append the sourceURL so the provided string
can include a sourceURL and override it. Such as manually
evaluating a script through the quick console with a sourceURL.

* UserInterface/Models/SourceMapResource.js:
Fix an incorrectly named property.

LayoutTests:

* inspector/console/console-api-expected.txt:
* inspector/console/console-table-expected.txt:
* platform/mac/inspector/model/remote-object-expected.txt:
Updated line number in output now that code evaluated through the frontend
gets the __WebInspectorInternal__ sourceURL prepended to the start instead
of appended to the end.

* inspector/debugger/sourceURLs-expected.txt:
* inspector/debugger/sourceURLs.html:
Update the test to find the second sourceURL, not the first.

git-svn-id: https://svn.webkit.org/repository/webkit/trunk@194981 268f45cc-cd09-0410-ab3c-d52691b4dbfc

4 years agoUnreviewed, rolling out r194963.
ryanhaddad@apple.com [Wed, 13 Jan 2016 21:24:11 +0000 (21:24 +0000)]
Unreviewed, rolling out r194963.
https://bugs.webkit.org/show_bug.cgi?id=153079

This change causes ASan tests to crash and exit early
(Requested by ryanhaddad on #webkit).

Reverted changeset:

"Fragmentation-free allocator for timeless and/or coupled
allocations."
https://bugs.webkit.org/show_bug.cgi?id=152696
http://trac.webkit.org/changeset/194963

Patch by Commit Queue <commit-queue@webkit.org> on 2016-01-13

git-svn-id: https://svn.webkit.org/repository/webkit/trunk@194980 268f45cc-cd09-0410-ab3c-d52691b4dbfc

4 years ago[XSS Auditor] Do not include trailing comment characters in JavaScript snippets
commit-queue@webkit.org [Wed, 13 Jan 2016 21:20:38 +0000 (21:20 +0000)]
[XSS Auditor] Do not include trailing comment characters in JavaScript snippets
https://bugs.webkit.org/show_bug.cgi?id=152873

Patch by Daniel Bates <dabates@apple.com> on 2016-01-13
Reviewed by Brent Fulgham.

Merged from Blink (patch by Tom Sepez <tsepez@chromium.org>):
<https://src.chromium.org/viewvc/blink?view=rev&revision=169967>

Source/WebCore:

Test: http/tests/security/xssAuditor/script-tag-with-injected-comment.html

* html/parser/XSSAuditor.cpp:
(WebCore::XSSAuditor::decodedSnippetForJavaScript):

LayoutTests:

* http/tests/security/xssAuditor/script-tag-with-injected-comment-expected.txt: Added.
* http/tests/security/xssAuditor/script-tag-with-injected-comment.html: Added.

git-svn-id: https://svn.webkit.org/repository/webkit/trunk@194979 268f45cc-cd09-0410-ab3c-d52691b4dbfc

4 years ago[XSS Auditor] Add test when XSS payload is in the path portion of the URL
commit-queue@webkit.org [Wed, 13 Jan 2016 21:18:39 +0000 (21:18 +0000)]
[XSS Auditor] Add test when XSS payload is in the path portion of the URL
https://bugs.webkit.org/show_bug.cgi?id=152871

Patch by Daniel Bates <dabates@apple.com> on 2016-01-13
Reviewed by Brent Fulgham.

Merged from Blink (patch by Tom Sepez <tsepez@chromium.org>):
<https://src.chromium.org/viewvc/blink?revision=164746&view=revision>

Tools:

* Scripts/webkitpy/layout_tests/servers/lighttpd.conf:

LayoutTests:

Add infrastructure and a test for an XSS attack where the payload is
embedded in the path portion of the URL.

Many XSS Auditor tests pass the XSS payload to CGI scripts via the
query string portion of the URL. Now we also support calling these
same scripts with the payload embedded in the path portion of the
URL.

Loading <http://127.0.0.1:8000/security/xssAuditor/intercept/X/Y>
returns a response whose content is identical to <http://127.0.0.1:8000/security/xssAuditor/resoures/X?q=Y>,
where X is the filename of some CGI script in directory LayoutTests/http/tests/security/xssAuditor/resources
and Y is the XSS payload.

* http/tests/security/xssAuditor/intercept/.htaccess: Added.
* http/tests/security/xssAuditor/reflection-in-path-expected.txt: Added.
* http/tests/security/xssAuditor/reflection-in-path.html: Added.
* http/tests/security/xssAuditor/resources/echo-form-action.pl: Added.

git-svn-id: https://svn.webkit.org/repository/webkit/trunk@194978 268f45cc-cd09-0410-ab3c-d52691b4dbfc

4 years agoWeb Inspector: Add support for the existing GradientEditor in the CSS Rules sidebar
commit-queue@webkit.org [Wed, 13 Jan 2016 21:14:44 +0000 (21:14 +0000)]
Web Inspector: Add support for the existing GradientEditor in the CSS Rules sidebar
https://bugs.webkit.org/show_bug.cgi?id=153004

Patch by Devin Rousso <dcrousso+webkit@gmail.com> on 2016-01-13
Reviewed by Timothy Hatcher.

Both the Visual sidebar and Resource view have editors for CSS gradient
values, but the Rules sidebar instead only adds editors for basic color
values. Instead of duplicating the code for gradient swatches, existing
code will be used to give this same functionality to the Rules sidebar.

* Localizations/en.lproj/localizedStrings.js:
* UserInterface/Main.html:

* UserInterface/Models/Gradient.js:
(WebInspector.Gradient):
(WebInspector.Gradient.fromString):
(WebInspector.Gradient.stopsWithComponents):
(WebInspector.Gradient.prototype.copy):
(WebInspector.Gradient.prototype.toString):
Refactored WebInspector.Gradient into its own class.

(WebInspector.LinearGradient):
(WebInspector.LinearGradient.prototype.toString):
Now uses WebInspector.Gradient inheritance and methods.

(WebInspector.RadialGradient):
(WebInspector.RadialGradient.prototype.toString):
Now uses WebInspector.Gradient inheritance and methods.

* UserInterface/Views/CSSStyleDeclarationTextEditor.css:
Use InlineSwatch.css values instead.

(.css-style-text-editor > .CodeMirror .CodeMirror-lines .cubic-bezier-marker): Deleted.
(@media (-webkit-max-device-pixel-ratio: 1)): Deleted.
(.css-style-text-editor > .CodeMirror .CodeMirror-lines .cubic-bezier-marker:hover): Deleted.
(.css-style-text-editor > .CodeMirror .CodeMirror-lines .cubic-bezier-marker:active): Deleted.

* UserInterface/Views/CSSStyleDeclarationTextEditor.js:
(WebInspector.CSSStyleDeclarationTextEditor.prototype.didDismissPopover): Deleted.
Removed unused popover member variable.

(WebInspector.CSSStyleDeclarationTextEditor.prototype._contentChanged):
(WebInspector.CSSStyleDeclarationTextEditor.prototype._updateTextMarkers.update):
(WebInspector.CSSStyleDeclarationTextEditor.prototype._createInlineSwatches.createSwatch):
(WebInspector.CSSStyleDeclarationTextEditor.prototype._createInlineSwatches.update):
(WebInspector.CSSStyleDeclarationTextEditor.prototype._createInlineSwatches):
Renamed variables for more consistent naming and reimplemented the logic
to use the new WebInspector.InlineSwatch methods.  As a result, it was
possible to consolidate the 3 different type of swatch functions into a
single function.

(WebInspector.CSSStyleDeclarationTextEditor.prototype._commentProperty.update):
(WebInspector.CSSStyleDeclarationTextEditor.prototype._uncommentRange.update):
(WebInspector.CSSStyleDeclarationTextEditor.prototype._inlineSwatchValueChanged.update):
(WebInspector.CSSStyleDeclarationTextEditor.prototype._inlineSwatchValueChanged):
(WebInspector.CSSStyleDeclarationTextEditor.prototype._resetContent.update):
(WebInspector.CSSStyleDeclarationTextEditor.prototype._createColorSwatches.createSwatch): Deleted.
(WebInspector.CSSStyleDeclarationTextEditor.prototype._createColorSwatches.update): Deleted.
(WebInspector.CSSStyleDeclarationTextEditor.prototype._createColorSwatches): Deleted.
(WebInspector.CSSStyleDeclarationTextEditor.prototype._createBezierEditors.update): Deleted.
(WebInspector.CSSStyleDeclarationTextEditor.prototype._createBezierEditors): Deleted.
(WebInspector.CSSStyleDeclarationTextEditor.prototype._colorSwatchColorChanged.update): Deleted.
(WebInspector.CSSStyleDeclarationTextEditor.prototype._colorSwatchColorChanged): Deleted.
(WebInspector.CSSStyleDeclarationTextEditor.prototype._cubicBezierMarkerClicked.updateCodeMirror.update): Deleted.
(WebInspector.CSSStyleDeclarationTextEditor.prototype._cubicBezierMarkerClicked.updateCodeMirror): Deleted.
(WebInspector.CSSStyleDeclarationTextEditor.prototype._cubicBezierMarkerClicked): Deleted.

* UserInterface/Views/CodeMirrorTextMarkers.js:
(createCodeMirrorColorTextMarkers.matchFunction):
Added logic so that if the matched color string is found inside a gradient,
it will not have a marker created for it.

* UserInterface/Views/InlineSwatch.css: Renamed from Source/WebInspectorUI/UserInterface/Views/ColorSwatch.css.
Consolidated the various swatch CSS classes into one file.

(.inline-swatch):
(.inline-swatch.bezier):
(.inline-swatch.bezier:hover):
(.inline-swatch.bezier:active):
(@media (-webkit-max-device-pixel-ratio: 1)):
(.inline-swatch > span):
Ensured that the inner swatch element can not be selected so that the "click"
listener on its parent always fires.

(.inline-swatch:hover > span):
(.inline-swatch:active > span):
(.inline-swatch.bezier > span):

* UserInterface/Views/InlineSwatch.js: Renamed from Source/WebInspectorUI/UserInterface/Views/ColorSwatch.js.
(WebInspector.InlineSwatch):
Now accepts a new first argument to indicate what type of color swatch
to create and what functionality it will have.  Currently has options
for WebInspector.Color, WebInspector.Gradient, and WebInspector.CubicBezier.

(WebInspector.InlineSwatch.prototype.get element):
(WebInspector.InlineSwatch.prototype.get value):
(WebInspector.InlineSwatch.prototype.set value):
(WebInspector.InlineSwatch.prototype._fallbackValue):
(WebInspector.InlineSwatch.prototype._updateSwatch):
(WebInspector.InlineSwatch.prototype._swatchElementClicked):
(WebInspector.InlineSwatch.prototype._valueEditorValueDidChange):
(WebInspector.InlineSwatch.prototype._handleContextMenuEvent):
(WebInspector.InlineSwatch.prototype._getNextValidHEXFormat.hexMatchesCurrentColor):
(WebInspector.InlineSwatch.prototype._getNextValidHEXFormat):

* UserInterface/Views/VisualStyleBackgroundPicker.css:
(.visual-style-property-container.background-picker > .visual-style-property-value-container > .inline-swatch.gradient):
(.visual-style-property-container.background-picker > .visual-style-property-value-container:not(.gradient-value) > .inline-swatch.gradient):
(.visual-style-property-container.background-picker > .visual-style-property-value-container > .inline-swatch.gradient:hover):
(.visual-style-property-container.background-picker > .visual-style-property-value-container > .inline-swatch.gradient:active):
(.visual-style-property-container.background-picker > .visual-style-property-value-container > .inline-swatch.gradient > span):
(.visual-style-property-container.background-picker > .visual-style-property-value-container.gradient-value > .inline-swatch.gradient + .value-input):
(.visual-style-property-container.background-picker > .visual-style-property-value-container > .color-swatch): Deleted.
(.visual-style-property-container.background-picker > .visual-style-property-value-container:not(.gradient-value) > .color-swatch): Deleted.
(.visual-style-property-container.background-picker > .visual-style-property-value-container > .color-swatch:hover): Deleted.
(.visual-style-property-container.background-picker > .visual-style-property-value-container > .color-swatch:active): Deleted.
(.visual-style-property-container.background-picker > .visual-style-property-value-container > .color-swatch > span): Deleted.
(.visual-style-property-container.background-picker > .visual-style-property-value-container.gradient-value > .color-swatch + .value-input): Deleted.

* UserInterface/Views/VisualStyleBackgroundPicker.js:
Removed the specific code for the gradient swatch and moved to using a
gradient-type InlineSwatch for gradient values instead.

(WebInspector.VisualStyleBackgroundPicker):
(WebInspector.VisualStyleBackgroundPicker.prototype.set value):
(WebInspector.VisualStyleBackgroundPicker.prototype._updateGradient):
(WebInspector.VisualStyleBackgroundPicker.prototype._gradientSwatchColorChanged):
(WebInspector.VisualStyleBackgroundPicker.prototype._valueInputValueChanged):
(WebInspector.VisualStyleBackgroundPicker.prototype._handleKeywordChanged):
(WebInspector.VisualStyleBackgroundPicker.prototype._updateGradientSwatch): Deleted.
(WebInspector.VisualStyleBackgroundPicker.prototype._gradientSwatchClicked.handleColorPickerToggled): Deleted.
(WebInspector.VisualStyleBackgroundPicker.prototype._gradientSwatchClicked): Deleted.
(WebInspector.VisualStyleBackgroundPicker.prototype._gradientEditorGradientChanged): Deleted.

* UserInterface/Views/VisualStyleColorPicker.css:
(.visual-style-property-container.input-color-picker > .visual-style-property-value-container > .inline-swatch.color):
(.visual-style-property-container.input-color-picker > .visual-style-property-value-container > .inline-swatch.color:hover):
(.visual-style-property-container.input-color-picker > .visual-style-property-value-container > .inline-swatch.color:active):
(.visual-style-property-container.input-color-picker > .visual-style-property-value-container > .inline-swatch.color > span):
Add override CSS to ensure that the color-type InlineSwatch displays nicely
next to the flexbox style Visual sidebar.

(.visual-style-property-container.input-color-picker > .visual-style-property-value-container > .color-swatch): Deleted.
(.visual-style-property-container.input-color-picker > .visual-style-property-value-container > .color-swatch:hover): Deleted.
(.visual-style-property-container.input-color-picker > .visual-style-property-value-container > .color-swatch:active): Deleted.
(.visual-style-property-container.input-color-picker > .visual-style-property-value-container > .color-swatch > span): Deleted.
Refactored to only use overriding properties of the basic .inline-swatch values.

* UserInterface/Views/VisualStyleColorPicker.js:
(WebInspector.VisualStyleColorPicker):
(WebInspector.VisualStyleColorPicker.prototype._colorSwatchColorChanged):
(WebInspector.VisualStyleColorPicker.prototype._updateColorSwatch):

* UserInterface/Views/VisualStyleTimingEditor.css:
(.visual-style-property-container.timing-editor > .visual-style-property-value-container > .inline-swatch.bezier):
(.visual-style-property-container.timing-editor > .visual-style-property-value-container:not(.bezier-value) > .inline-swatch.bezier):
(@media (-webkit-min-device-pixel-ratio: 2)):
Add override CSS to ensure that the color-type InlineSwatch displays nicely
next to the flexbox style Visual sidebar.

(.visual-style-property-container.timing-editor > .visual-style-property-value-container > .bezier-editor): Deleted.
(.visual-style-property-container.timing-editor > .visual-style-property-value-container > .bezier-editor:hover): Deleted.
(.visual-style-property-container.timing-editor > .visual-style-property-value-container > .bezier-editor:active): Deleted.
Refactored to only use overriding properties of the basic .inline-swatch values.

* UserInterface/Views/VisualStyleTimingEditor.js:
Removed the specific code for the cubic-bezier swatch and moved to using a
cubic-bezier-type InlineSwatch for gradient values instead.

(WebInspector.VisualStyleTimingEditor):
(WebInspector.VisualStyleTimingEditor.prototype.get bezierValue):
(WebInspector.VisualStyleTimingEditor.prototype.set bezierValue):
(WebInspector.VisualStyleTimingEditor.prototype._setValue):
(WebInspector.VisualStyleTimingEditor.prototype._handleKeywordChanged):
(WebInspector.VisualStyleTimingEditor.prototype._bezierSwatchValueChanged):
(WebInspector.VisualStyleTimingEditor.prototype._bezierMarkerClicked): Deleted.

git-svn-id: https://svn.webkit.org/repository/webkit/trunk@194977 268f45cc-cd09-0410-ab3c-d52691b4dbfc

4 years agoUnreviewed, rolling out r194969.
cdumez@apple.com [Wed, 13 Jan 2016 20:52:46 +0000 (20:52 +0000)]
Unreviewed, rolling out r194969.
https://bugs.webkit.org/show_bug.cgi?id=153075

This change broke the iOS build (Requested by ryanhaddad on
#webkit).

Reverted changeset:

"[JSC] Legalize Memory Offsets for ARM64 before lowering to
Air"
https://bugs.webkit.org/show_bug.cgi?id=153065
http://trac.webkit.org/changeset/194969

Patch by Commit Queue <commit-queue@webkit.org> on 2016-01-13

git-svn-id: https://svn.webkit.org/repository/webkit/trunk@194976 268f45cc-cd09-0410-ab3c-d52691b4dbfc

4 years ago[JSC] Legalize Memory Offsets for ARM64 before lowering to Air
commit-queue@webkit.org [Wed, 13 Jan 2016 19:33:02 +0000 (19:33 +0000)]
[JSC] Legalize Memory Offsets for ARM64 before lowering to Air
https://bugs.webkit.org/show_bug.cgi?id=153065

Patch by Benjamin Poulain <bpoulain@apple.com> on 2016-01-13
Reviewed by Mark Lam.
Reviewed by Filip Pizlo.

On ARM64, we cannot use signed 32bits offset for memory addressing.
There are two available addressing: signed 9bits and unsigned scaled 12bits.
Air already knows about it.

In this patch, the offsets are changed to something valid for ARM64
prior to lowering. When an offset is invalid, it is just computed
before the instruction and used as the base for addressing.

* JavaScriptCore.xcodeproj/project.pbxproj:
* b3/B3Generate.cpp:
(JSC::B3::generateToAir):
* b3/B3LegalizeMemoryOffsets.cpp: Added.
(JSC::B3::legalizeMemoryOffsets):
* b3/B3LegalizeMemoryOffsets.h: Added.
* b3/B3LowerToAir.cpp:
(JSC::B3::Air::LowerToAir::effectiveAddr): Deleted.
* b3/testb3.cpp:
(JSC::B3::testLoadWithOffsetImpl):
(JSC::B3::testLoadOffsetImm9Max):
(JSC::B3::testLoadOffsetImm9MaxPlusOne):
(JSC::B3::testLoadOffsetImm9MaxPlusTwo):
(JSC::B3::testLoadOffsetImm9Min):
(JSC::B3::testLoadOffsetImm9MinMinusOne):
(JSC::B3::testLoadOffsetScaledUnsignedImm12Max):
(JSC::B3::testLoadOffsetScaledUnsignedOverImm12Max):
(JSC::B3::run):

git-svn-id: https://svn.webkit.org/repository/webkit/trunk@194969 268f45cc-cd09-0410-ab3c-d52691b4dbfc

4 years agoWebRTC: Add support for RTCRtpSender.replaceTrack()
adam.bergkvist@ericsson.com [Wed, 13 Jan 2016 19:22:28 +0000 (19:22 +0000)]
WebRTC: Add support for RTCRtpSender.replaceTrack()
https://bugs.webkit.org/show_bug.cgi?id=153063

Reviewed by Eric Carlson.

Source/WebCore:

Add the API and infrastructure to support RTCRtpSender.replaceTrack(). The platform is
reached through the RTCPeerConnection object that created the RTCRtpSender via a client
interface.

Test: fast/mediastream/RTCRtpSender-replaceTrack.html

* Modules/mediastream/MediaEndpointPeerConnection.cpp:
(WebCore::MediaEndpointPeerConnection::replaceTrack):
* Modules/mediastream/MediaEndpointPeerConnection.h:
* Modules/mediastream/PeerConnectionBackend.h:
* Modules/mediastream/RTCPeerConnection.cpp:
(WebCore::RTCPeerConnection::addTrack):
(WebCore::RTCPeerConnection::removeTrack):
(WebCore::RTCPeerConnection::replaceTrack):
* Modules/mediastream/RTCPeerConnection.h:
* Modules/mediastream/RTCRtpSender.cpp:
(WebCore::RTCRtpSender::RTCRtpSender):
(WebCore::RTCRtpSender::replaceTrack):
* Modules/mediastream/RTCRtpSender.h:
(WebCore::RTCRtpSenderClient::~RTCRtpSenderClient):
(WebCore::RTCRtpSender::create):
(WebCore::RTCRtpSender::trackId):
(WebCore::RTCRtpSender::stop):
* Modules/mediastream/RTCRtpSender.idl:

LayoutTests:

Add API test for RTCRtpSender.replaceTrack(). A successful call is still
rejected (promise) until proper support is available in the WebRTC backend.

* fast/mediastream/RTCRtpSender-replaceTrack-expected.txt: Added.
* fast/mediastream/RTCRtpSender-replaceTrack.html: Added.

git-svn-id: https://svn.webkit.org/repository/webkit/trunk@194968 268f45cc-cd09-0410-ab3c-d52691b4dbfc

4 years agoModern IDB: A few cursor tests are flaky because JS wrappers are GC'ed.
beidson@apple.com [Wed, 13 Jan 2016 18:42:00 +0000 (18:42 +0000)]
Modern IDB: A few cursor tests are flaky because JS wrappers are GC'ed.
https://bugs.webkit.org/show_bug.cgi?id=153038

Reviewed by Alex Christensen.

No new tests (Couldn't write a test that was any more reliable than "flaky", so fixing the existing flaky tests will do).

And IDBCursor has an associated IDBRequest that is re-used each time the IDBCursor iterates.

The normal ActiveDOMObject approach to prevent the IDBRequest's wrapper from being garbage collected was not good enough
because, while the IDBRequest may not currently be waiting on any activity, as long as its associated IDBCursor is still
reachable then the request might be reused in the future.

Fortunately there's an IDL allowance for "one object keeping another alive during GC" and that's JSCustomMarkFunction
combined with GenerateIsReachable.

Applying those to IDBCursor and IDBRequest fix this handily.

* CMakeLists.txt:
* WebCore.xcodeproj/project.pbxproj:

* Modules/indexeddb/IDBCursor.h:
(WebCore::IDBCursor::isModernCursor):
* Modules/indexeddb/IDBCursor.idl:

* Modules/indexeddb/IDBRequest.idl:

* Modules/indexeddb/client/IDBCursorImpl.cpp:
(WebCore::IDBClient::IDBCursor::advance):
(WebCore::IDBClient::IDBCursor::continueFunction):
(WebCore::IDBClient::IDBCursor::uncheckedIterateCursor):
(WebCore::IDBClient::IDBCursor::uncheckedIteratorCursor): Deleted. Fixed the typo of this name.
* Modules/indexeddb/client/IDBCursorImpl.h:

* bindings/js/JSIDBCursorCustom.cpp: Added.
(WebCore::JSIDBCursor::visitAdditionalChildren):

git-svn-id: https://svn.webkit.org/repository/webkit/trunk@194967 268f45cc-cd09-0410-ab3c-d52691b4dbfc

4 years agoGet text drawing working with display lists.
zalan@apple.com [Wed, 13 Jan 2016 18:19:45 +0000 (18:19 +0000)]
Get text drawing working with display lists.
https://bugs.webkit.org/show_bug.cgi?id=152957

Reviewed by Simon Fraser.

This patch enables text drawing for display lists.

* platform/graphics/FontCascade.cpp:
(WebCore::FontCascade::drawGlyphBuffer):
* platform/graphics/FontCascade.h:
* platform/graphics/GraphicsContext.cpp:
(WebCore::GraphicsContext::drawGlyphs):
(WebCore::GraphicsContext::drawText): Deleted.
* platform/graphics/cocoa/FontCascadeCocoa.mm:
(WebCore::FontCascade::drawGlyphs):
* platform/graphics/displaylists/DisplayListItems.cpp:
(WebCore::DisplayList::DrawGlyphs::apply):

git-svn-id: https://svn.webkit.org/repository/webkit/trunk@194966 268f45cc-cd09-0410-ab3c-d52691b4dbfc

4 years agoSimple line layout: Add support for word-break property.
zalan@apple.com [Wed, 13 Jan 2016 17:08:35 +0000 (17:08 +0000)]
Simple line layout: Add support for word-break property.
https://bugs.webkit.org/show_bug.cgi?id=153054

Reviewed by Antti Koivisto.

This patch enables word-break property for simple line layout.
(https://drafts.csswg.org/css-text-3/#propdef-word-break)

word-break: normal and keep-all -> existing, non-(force)breaking behaviour.
            break-all -> breaks words when needed.

Covered by existing tests like fast/text/word-break.html

* rendering/SimpleLineLayout.cpp:
(WebCore::SimpleLineLayout::createLineRuns):
(WebCore::SimpleLineLayout::canUseForStyle): Deleted.
(WebCore::SimpleLineLayout::printReason): Deleted.
* rendering/SimpleLineLayoutTextFragmentIterator.cpp:
(WebCore::SimpleLineLayout::TextFragmentIterator::Style::Style):
(WebCore::SimpleLineLayout::TextFragmentIterator::findNextTextFragment):
* rendering/SimpleLineLayoutTextFragmentIterator.h:
(WebCore::SimpleLineLayout::TextFragmentIterator::TextFragment::TextFragment):
(WebCore::SimpleLineLayout::TextFragmentIterator::TextFragment::operator==):
(WebCore::SimpleLineLayout::TextFragmentIterator::TextFragment::isBreakable): Deleted.
(WebCore::SimpleLineLayout::TextFragmentIterator::TextFragment::split): Deleted.

git-svn-id: https://svn.webkit.org/repository/webkit/trunk@194965 268f45cc-cd09-0410-ab3c-d52691b4dbfc

4 years agoReference cycle between SVGPathElement and SVGPathSegWithContext leaks Document
commit-queue@webkit.org [Wed, 13 Jan 2016 17:04:36 +0000 (17:04 +0000)]
Reference cycle between SVGPathElement and SVGPathSegWithContext leaks Document
https://bugs.webkit.org/show_bug.cgi?id=151810

Patch by Said Abou-Hallawa <sabouhallawa@apple.com> on 2016-01-13
Reviewed by Darin Adler.

Break the reference cycle between SVGPathElement and SVGPathSegWithContext
by changing the back-pointer to be a WeakPtr pointer instead of having it
RefPtr. Make sure the SVGPathSegWithContext derived classes handle correctly
the case when the SVGPathElement back-pointer is deleted.

Also change the SVGPathElement argument to the SVGPathSeg creation functions
and constructors to be a const reference instead of having it as a pointer
since SVGPathElement is the class factory for all these classes.

* svg/SVGPathElement.cpp:
(WebCore::SVGPathElement::SVGPathElement):
(WebCore::SVGPathElement::createSVGPathSegClosePath):
(WebCore::SVGPathElement::createSVGPathSegMovetoAbs):
(WebCore::SVGPathElement::createSVGPathSegMovetoRel):
(WebCore::SVGPathElement::createSVGPathSegLinetoAbs):
(WebCore::SVGPathElement::createSVGPathSegLinetoRel):
(WebCore::SVGPathElement::createSVGPathSegCurvetoCubicAbs):
(WebCore::SVGPathElement::createSVGPathSegCurvetoCubicRel):
(WebCore::SVGPathElement::createSVGPathSegCurvetoQuadraticAbs):
(WebCore::SVGPathElement::createSVGPathSegCurvetoQuadraticRel):
(WebCore::SVGPathElement::createSVGPathSegArcAbs):
(WebCore::SVGPathElement::createSVGPathSegArcRel):
(WebCore::SVGPathElement::createSVGPathSegLinetoHorizontalAbs):
(WebCore::SVGPathElement::createSVGPathSegLinetoHorizontalRel):
(WebCore::SVGPathElement::createSVGPathSegLinetoVerticalAbs):
(WebCore::SVGPathElement::createSVGPathSegLinetoVerticalRel):
(WebCore::SVGPathElement::createSVGPathSegCurvetoCubicSmoothAbs):
(WebCore::SVGPathElement::createSVGPathSegCurvetoCubicSmoothRel):
(WebCore::SVGPathElement::createSVGPathSegCurvetoQuadraticSmoothAbs):
(WebCore::SVGPathElement::createSVGPathSegCurvetoQuadraticSmoothRel):
(WebCore::SVGPathElement::isSupportedAttribute):
* svg/SVGPathElement.h:
* svg/SVGPathSegArc.h:
(WebCore::SVGPathSegArc::SVGPathSegArc):
* svg/SVGPathSegArcAbs.h:
(WebCore::SVGPathSegArcAbs::create):
(WebCore::SVGPathSegArcAbs::SVGPathSegArcAbs):
* svg/SVGPathSegArcRel.h:
(WebCore::SVGPathSegArcRel::create):
(WebCore::SVGPathSegArcRel::SVGPathSegArcRel):
* svg/SVGPathSegClosePath.h:
(WebCore::SVGPathSegClosePath::create):
(WebCore::SVGPathSegClosePath::SVGPathSegClosePath):
* svg/SVGPathSegCurvetoCubic.h:
(WebCore::SVGPathSegCurvetoCubic::SVGPathSegCurvetoCubic):
* svg/SVGPathSegCurvetoCubicAbs.h:
(WebCore::SVGPathSegCurvetoCubicAbs::create):
(WebCore::SVGPathSegCurvetoCubicAbs::SVGPathSegCurvetoCubicAbs):
* svg/SVGPathSegCurvetoCubicRel.h:
(WebCore::SVGPathSegCurvetoCubicRel::create):
(WebCore::SVGPathSegCurvetoCubicRel::SVGPathSegCurvetoCubicRel):
* svg/SVGPathSegCurvetoCubicSmooth.h:
(WebCore::SVGPathSegCurvetoCubicSmooth::SVGPathSegCurvetoCubicSmooth):
* svg/SVGPathSegCurvetoCubicSmoothAbs.h:
(WebCore::SVGPathSegCurvetoCubicSmoothAbs::create):
(WebCore::SVGPathSegCurvetoCubicSmoothAbs::SVGPathSegCurvetoCubicSmoothAbs):
* svg/SVGPathSegCurvetoCubicSmoothRel.h:
(WebCore::SVGPathSegCurvetoCubicSmoothRel::create):
(WebCore::SVGPathSegCurvetoCubicSmoothRel::SVGPathSegCurvetoCubicSmoothRel):
* svg/SVGPathSegCurvetoQuadratic.h:
(WebCore::SVGPathSegCurvetoQuadratic::SVGPathSegCurvetoQuadratic):
* svg/SVGPathSegCurvetoQuadraticAbs.h:
(WebCore::SVGPathSegCurvetoQuadraticAbs::create):
(WebCore::SVGPathSegCurvetoQuadraticAbs::SVGPathSegCurvetoQuadraticAbs):
* svg/SVGPathSegCurvetoQuadraticRel.h:
(WebCore::SVGPathSegCurvetoQuadraticRel::create):
(WebCore::SVGPathSegCurvetoQuadraticRel::SVGPathSegCurvetoQuadraticRel):
* svg/SVGPathSegCurvetoQuadraticSmoothAbs.h:
(WebCore::SVGPathSegCurvetoQuadraticSmoothAbs::create):
(WebCore::SVGPathSegCurvetoQuadraticSmoothAbs::SVGPathSegCurvetoQuadraticSmoothAbs):
* svg/SVGPathSegCurvetoQuadraticSmoothRel.h:
(WebCore::SVGPathSegCurvetoQuadraticSmoothRel::create):
(WebCore::SVGPathSegCurvetoQuadraticSmoothRel::SVGPathSegCurvetoQuadraticSmoothRel):
* svg/SVGPathSegLinetoAbs.h:
(WebCore::SVGPathSegLinetoAbs::create):
(WebCore::SVGPathSegLinetoAbs::SVGPathSegLinetoAbs):
* svg/SVGPathSegLinetoHorizontal.h:
(WebCore::SVGPathSegLinetoHorizontal::SVGPathSegLinetoHorizontal):
* svg/SVGPathSegLinetoHorizontalAbs.h:
(WebCore::SVGPathSegLinetoHorizontalAbs::create):
(WebCore::SVGPathSegLinetoHorizontalAbs::SVGPathSegLinetoHorizontalAbs):
* svg/SVGPathSegLinetoHorizontalRel.h:
(WebCore::SVGPathSegLinetoHorizontalRel::create):
(WebCore::SVGPathSegLinetoHorizontalRel::SVGPathSegLinetoHorizontalRel):
* svg/SVGPathSegLinetoRel.h:
(WebCore::SVGPathSegLinetoRel::create):
(WebCore::SVGPathSegLinetoRel::SVGPathSegLinetoRel):
* svg/SVGPathSegLinetoVertical.h:
(WebCore::SVGPathSegLinetoVertical::SVGPathSegLinetoVertical):
* svg/SVGPathSegLinetoVerticalAbs.h:
(WebCore::SVGPathSegLinetoVerticalAbs::create):
(WebCore::SVGPathSegLinetoVerticalAbs::SVGPathSegLinetoVerticalAbs):
* svg/SVGPathSegLinetoVerticalRel.h:
(WebCore::SVGPathSegLinetoVerticalRel::create):
(WebCore::SVGPathSegLinetoVerticalRel::SVGPathSegLinetoVerticalRel):
* svg/SVGPathSegMovetoAbs.h:
(WebCore::SVGPathSegMovetoAbs::create):
(WebCore::SVGPathSegMovetoAbs::SVGPathSegMovetoAbs):
* svg/SVGPathSegMovetoRel.h:
(WebCore::SVGPathSegMovetoRel::create):
(WebCore::SVGPathSegMovetoRel::SVGPathSegMovetoRel):
* svg/SVGPathSegWithContext.h:
(WebCore::SVGPathSegWithContext::SVGPathSegWithContext):
(WebCore::SVGPathSegWithContext::animatedProperty):
(WebCore::SVGPathSegWithContext::contextElement):
(WebCore::SVGPathSegWithContext::setContextAndRole):
(WebCore::SVGPathSegWithContext::commitChange):
(WebCore::SVGPathSegSingleCoordinate::setY):
(WebCore::SVGPathSegSingleCoordinate::SVGPathSegSingleCoordinate):
* svg/properties/SVGPathSegListPropertyTearOff.cpp:
(WebCore::SVGPathSegListPropertyTearOff::clearContextAndRoles):
(WebCore::SVGPathSegListPropertyTearOff::replaceItem):
(WebCore::SVGPathSegListPropertyTearOff::removeItem):

git-svn-id: https://svn.webkit.org/repository/webkit/trunk@194964 268f45cc-cd09-0410-ab3c-d52691b4dbfc

4 years agoSource/WebCore:
akling@apple.com [Wed, 13 Jan 2016 14:52:16 +0000 (14:52 +0000)]
Source/WebCore:
Use BumpArena for style sheet object tree.
<https://webkit.org/b/152696>

Reviewed by Antti Koivisto.

Give each StyleSheetContents its own BumpArena, and plumb it down through CSSParser
to allocate StyleRule, StyleProperties and CSSSelectorList's selector arrays there.

This basically means that most objects that make up a given style sheet will end up
in one (or a few) contiguous region(s) of memory, instead of being scattered all
over the malloc heap.

In the common case (no CSSOM manipulation), the lifetimes of these objects are very
predictable: everything tends to die when the StyleSheetContents dies.
This dramatically improves space-efficiency in those cases, and allows us to return
contiguous chunks of memory to the system once a style sheet is no longer needed.

One-off CSS parses that don't work within a StyleSheetContents context will have
their StyleRules & co allocated out of the global BumpArena.

Bonus: give SelectorQueryCache a dedicated BumpArena as well, since it has very
predictable lifetime.

* css/CSSGrammar.y.in:
* css/CSSKeyframesRule.h:
(WebCore::StyleRuleKeyframes::create):
* css/CSSParser.cpp:
(WebCore::CSSParser::createStyleProperties):
(WebCore::CSSParser::createMediaRule):
(WebCore::CSSParser::createSupportsRule):
(WebCore::CSSParser::createKeyframesRule):
(WebCore::CSSParser::setArena):
(WebCore::CSSParser::arena):
(WebCore::CSSParser::createStyleRule):
(WebCore::CSSParser::createFontFaceRule):
(WebCore::CSSParser::createPageRule):
(WebCore::CSSParser::createRegionRule):
(WebCore::CSSParser::createViewportRule):
* css/CSSParser.h:
* css/CSSParserValues.cpp:
(WebCore::CSSParserSelector::parsePseudoElementCueFunctionSelector):
(WebCore::CSSParserSelector::adoptSelectorVector):
* css/CSSParserValues.h:
* css/CSSSelectorList.cpp:
(WebCore::CSSSelectorList::CSSSelectorList):
(WebCore::CSSSelectorList::adoptSelectorVector):
(WebCore::CSSSelectorList::deleteSelectors):
* css/CSSSelectorList.h:
* css/StyleProperties.cpp:
(WebCore::ImmutableStyleProperties::create):
(WebCore::StyleProperties::immutableCopyIfNeeded):
* css/StyleProperties.h:
* css/StyleRule.cpp:
(WebCore::StyleRule::create):
(WebCore::StyleRule::splitIntoMultipleRulesWithMaximumSelectorComponentCount):
(WebCore::StyleRuleRegion::StyleRuleRegion):
* css/StyleRule.h:
(WebCore::StyleRule::create):
(WebCore::StyleRule::parserAdoptSelectorVector):
(WebCore::StyleRuleFontFace::create):
(WebCore::StyleRulePage::create):
(WebCore::StyleRulePage::parserAdoptSelectorVector):
(WebCore::StyleRuleMedia::create):
(WebCore::StyleRuleSupports::create):
(WebCore::StyleRuleRegion::create):
(WebCore::StyleRuleViewport::create):
* css/StyleSheetContents.cpp:
(WebCore::StyleSheetContents::StyleSheetContents):
(WebCore::StyleSheetContents::parseAuthorStyleSheet):
(WebCore::StyleSheetContents::parseStringAtPosition):
* css/StyleSheetContents.h:
* dom/SelectorQuery.cpp:
(WebCore::SelectorQueryCache::SelectorQueryCache):
(WebCore::SelectorQueryCache::add):
* dom/SelectorQuery.h:
* svg/SVGFontFaceElement.cpp:
(WebCore::SVGFontFaceElement::SVGFontFaceElement):

Source/WTF:
Fragmentation-free allocator for timeless and/or coupled allocations.
<https://webkit.org/b/152696>

Reviewed by Antti Koivisto.

Introduce BumpArena, a space-efficient memory allocator for situations where
you feel pretty confident betting on allocation lifetimes.

Basic design:

    - Allocates 4kB-aligned blocks of 4kB from bmalloc at a time.
    - Bump-pointer allocates out of a block until it reaches end.
    - Each allocation increments the ref-count of its block.
    - Each deallocation decrements the ref-count of its block.

Interface:

    - BumpArena::create()

        Create your very own BumpArena!

    - BumpArena::allocate(BumpArena* arena, size_t size)

        Allocates 'size' bytes of memory from 'arena'.
        If 'arena' is null, allocation comes out of the shared global BumpArena.

    - BumpArena::deallocate(void* ptr)

        Deallocates 'ptr', decrementing the ref-count of its block.

    - WTF_MAKE_BUMPARENA_ALLOCATED;

        Macro that gives a class or struct custom operators new and delete
        for allocation out of BumpArena. Just like WTF_MAKE_FAST_ALLOCATED;

Note that while the name of this patch says "fragmentation-free allocator"
it will only be fragmentation-free when used for appropriate things.
This is not meant to be a general-purpose allocator. Only use it for sets of
allocations that are known to die roughly at the same time.

BumpArena will never resume allocating from a block that has been filled,
so it's even more important than usual that everything gets deallocated.

As noted above, calling allocate() with a null BumpArena will allocate out
of a global shared arena. Ideally you're always allocating out of a specific,
controlled arena, but there are situations where you may not have one.

* WTF.vcxproj/WTF.vcxproj:
* WTF.vcxproj/WTF.vcxproj.filters:
* WTF.xcodeproj/project.pbxproj:
* wtf/BumpArena.cpp: Added.
(WTF::BumpArena::Block::defaultCapacity):
(WTF::BumpArena::Block::arena):
(WTF::BumpArena::Block::payloadStart):
(WTF::globalArena):
(WTF::arenas):
(WTF::BumpArena::Block::Block):
(WTF::BumpArena::Block::~Block):
(WTF::BumpArena::Block::ref):
(WTF::BumpArena::Block::deref):
(WTF::BumpArena::Block::create):
(WTF::BumpArena::Block::dump):
(WTF::BumpArena::dump):
(WTF::BumpArena::create):
(WTF::BumpArena::BumpArena):
(WTF::BumpArena::~BumpArena):
(WTF::BumpArena::allocateSlow):
(WTF::BumpArena::allocate):
(WTF::BumpArena::deallocate):
(WTF::BumpArena::Block::blockFor):
(WTF::BumpArena::arenaFor):
* wtf/BumpArena.h: Added.
* wtf/CMakeLists.txt:

git-svn-id: https://svn.webkit.org/repository/webkit/trunk@194963 268f45cc-cd09-0410-ab3c-d52691b4dbfc

4 years ago[GTK] Unreviewed gardening.
mario@webkit.org [Wed, 13 Jan 2016 12:30:26 +0000 (12:30 +0000)]
[GTK] Unreviewed gardening.

Patch by Mario Sanchez Prada <mario@webkit.org> on 2016-01-13

* platform/gtk/TestExpectations: Mark three tests failing in the
GTK bots as Crash, Timeout (release builds only) and Failure.

git-svn-id: https://svn.webkit.org/repository/webkit/trunk@194962 268f45cc-cd09-0410-ab3c-d52691b4dbfc

4 years ago[TexMap] BitmapTextureGL is not released while scene is updated continuously.
commit-queue@webkit.org [Wed, 13 Jan 2016 10:32:31 +0000 (10:32 +0000)]
[TexMap] BitmapTextureGL is not released while scene is updated continuously.
https://bugs.webkit.org/show_bug.cgi?id=152524

Patch by YongGeol Jung <yg48.jung@samsung.com> on 2016-01-13
Reviewed by Žan Doberšek.

This patch fixes two issues.
First, m_releaseUnusedTexturesTimer is not fired if scene is updated within 0.5s continuously.
In this case, BitmapTexturePool will not remove texture even if texture is not used for long time.
Second, m_releaseUnusedTexturesTimer is triggered by acquireTexture function only.
So, if next scene does not need to use BitmapTexture, remained textures in pool will not removed.

No new tests needed.

* platform/graphics/texmap/BitmapTexturePool.cpp:
(WebCore::BitmapTexturePool::scheduleReleaseUnusedTextures):
(WebCore::BitmapTexturePool::releaseUnusedTexturesTimerFired):

git-svn-id: https://svn.webkit.org/repository/webkit/trunk@194961 268f45cc-cd09-0410-ab3c-d52691b4dbfc

4 years ago[Streams API] Refactor builtin internals to prepare support for streams API in worker
youenn.fablet@crf.canon.fr [Wed, 13 Jan 2016 09:54:24 +0000 (09:54 +0000)]
[Streams API] Refactor builtin internals to prepare support for streams API in worker
https://bugs.webkit.org/show_bug.cgi?id=152535

Reviewed by Darin Adler.

Moving the code that links internal functions to the GlobalObject in WebCoreJSBuiltinInternals.cpp.
This file should be generated by the builtin generator once refactoring is done.
This code is located in JSBuiltinInternalFunctions::initialize.

Adding private controller and reader constructors to the JS DOM constructor map so that they do not get garbage collected.

No change in behavior, except that private builtins are usable in workers (but not actually used).

* CMakeLists.txt:
* WebCore.vcxproj/WebCore.vcxproj:
* WebCore.xcodeproj/project.pbxproj:
* bindings/js/JSDOMGlobalObject.cpp:
(WebCore::JSDOMGlobalObject::JSDOMGlobalObject):
(WebCore::JSDOMGlobalObject::addBuiltinGlobals):
(WebCore::JSDOMGlobalObject::finishCreation):
(WebCore::JSDOMGlobalObject::visitChildren):
* bindings/js/JSDOMGlobalObject.h:
* bindings/js/JSDOMWindowBase.cpp:
(WebCore::JSDOMWindowBase::finishCreation):
(WebCore::JSDOMWindowBase::visitChildren):
* bindings/js/JSDOMWindowBase.h:
* bindings/js/WebCoreJSBuiltinInternals.cpp: Added.
(WebCore::JSBuiltinInternalFunctions::JSBuiltinInternalFunctions):
(WebCore::JSBuiltinInternalFunctions::visit):
(WebCore::JSBuiltinInternalFunctions::initialize):
* bindings/js/WebCoreJSBuiltinInternals.h:

git-svn-id: https://svn.webkit.org/repository/webkit/trunk@194960 268f45cc-cd09-0410-ab3c-d52691b4dbfc

4 years agoUnreviewed. Update OptionsGTK.cmake and NEWS for 2.11.3 release.
carlosgc@webkit.org [Wed, 13 Jan 2016 08:12:57 +0000 (08:12 +0000)]
Unreviewed. Update OptionsGTK.cmake and NEWS for 2.11.3 release.

.:

* Source/cmake/OptionsGTK.cmake: Bump version numbers.

Source/WebKit2:

* gtk/NEWS: Add release notes for 2.11.3.

git-svn-id: https://svn.webkit.org/repository/webkit/trunk@194958 268f45cc-cd09-0410-ab3c-d52691b4dbfc

4 years ago[EFL] Fix wrong return value of paintThemePart in RenderThemeEfl
gyuyoung.kim@webkit.org [Wed, 13 Jan 2016 08:01:56 +0000 (08:01 +0000)]
[EFL] Fix wrong return value of paintThemePart in RenderThemeEfl
https://bugs.webkit.org/show_bug.cgi?id=153058

Reviewed by Carlos Garcia Campos.

To return false in paint functions in RenderThemeEfl means that it is supported though,
paintThemePart has returned false even when failing to get image cache of theme.

* rendering/RenderThemeEfl.cpp:
(WebCore::RenderThemeEfl::paintThemePart):

git-svn-id: https://svn.webkit.org/repository/webkit/trunk@194957 268f45cc-cd09-0410-ab3c-d52691b4dbfc